Hidden Bee

By GoldSparrow in Trojans

In a best case scenario, when the cyber crooks propagate their cryptocurrency miners, they would like them to infiltrate as many machines as possible and remain active on them for as long as possible without being detected by any anti-malware application. This, however, is only achieved by the most high-end cryptocurrency miners on the Web. One such case is the Hidden Bee Trojan miner. It is believed to originate from China and appears to be targeting users residing in Asia mainly.

The cybercriminals responsible for the Hidden Bee miner are known for spreading their malware via advertisements on adult websites, which are very well-known in Asia. The corrupted advertisements would load a secret iFrame, which they can make as small as 1px width x 1px height, to make sure that the victim does not notice it. However, its code will still get loaded. When this happens, the threat will perform a test to find out what versions of Internet Explorer and Adobe Flash are being run and whether they are susceptible to the exploit. If the test reveals that the user is running the versions of Adobe Flash and Internet Explorer, which contain the vulnerabilities that the Hidden Bee miner is programmed to exploit, the threat will begin downloading its payload and launching it on the infected system.

As we already mentioned, the Hidden Bee Trojan is a high-end cryptocurrency miner, and as such, it is made to stay under the radar of most security software. The Hidden Bee cryptocurrency miner locates its components in system processes such as 'msdtc.exe,' 'dllhost.exe,' 'WmiPrvSE.exe,' and '.svchost.exe' in an attempt to reduce the chances of being detected. However, the Hidden Bee RAT could be spotted by the user because it is likely that this Trojan will eat up a large portion of the CPU of the machine and thus make it run slower significantly.

The creators of the Hidden Bee malware have opted to make it capable of mining several cryptocurrencies. When the coins are mined successfully, the Hidden Bee Trojan sends them to its authors' wallets. Cryptocurrency miners like the Hidden Bee RAT are becoming ever more common as the popularity of cryptocurrencies grows each day. It is vital for users to download and install a legitimate anti-spyware applications, which would keep them safe from malware like the Hidden Bee Trojan.


Most Viewed