Moloko CPU Miner

By GoldSparrow in Potentially Unwanted Programs

Threat Scorecard

Threat Level: 90 % (High)
Infected Computers: 104
First Seen: August 2, 2017
Last Seen: June 30, 2021
OS(es) Affected: Windows

The Moloko CPU Miner is classified as a Potentially Unwanted Program (PUP) that is reported to be abused for profit by being planted on the computers of unsuspecting users. The Moloko CPU Miner is advertised as a tool that lets PC users take advantage of a powerful processor and use it to help manage the flow of the Monero (XMR) digital cryptocurrency. The process is called "mining," and it requires processing transactions made with encrypted data blocks, which can be very taxing for a machine. There are companies that rent processing capabilities to digital currency markets like Blockchain.info and many others. The interesting feature of apps like Moloko is that they can be used by regular users looking to make money with their machines. As you may expect, imaginative and ambitious third parties saw an opportunity to build a custom Moloko CPU Miner and install it on machines they do not own and control.

Consequently, users who are running the Moloko CPU Miner on their systems without knowing about it may experience severely diminished performance and program crashes due to the lack of CPU power. The operators of the corrupted Moloko network of machines delegate new mining tasks and collect the revenue produced with the power of the compromised machines. One such corrupted Moloko CPU Miner was found to download the necessary client-server configuration from a site named milara.at[.]ua, registered to the 193.109.247.11 IP address. Additionally, the miner in question connects to a Monero pool via eu.dwarfpool[.]com:8050 as it begins its operation. The work that apps like the Moloko CPU Miner, isMiner and NsCpuCNMiner perform requires a lot of processing power, and the software is not recommended for use on low and mid-tier machines, as it is both inefficient and may damage your computer. However, the team behind the corrupted Moloko CPU Miner does not appear to consider such aspects and seeks only to install their product on as many machines as possible. The tactic is an example of basic problem-solving capabilities, and cyber security vendors have developed ways to detect and remove the Moloko CPU Miner. PC users who are not running a clean copy of the Moloko CPU Miner of their own accord and who experience diminished computer stability and performance may be shown security alerts, which include the following tags:

  • TROJ_GEN.R031C0OGT17
  • Trojan.CoinMiner!8.30A (cloud:wgjnq0WXdnG)
  • Trojan.GenericKD.5705300 (B)
  • Trojan.Win32.Generic!BT
  • Trojan.Win32.Z.Coinminer.9728.AK
  • Trojan/Win32.Snojan
  • Trojan/Win32.Snojan.C2007528
  • a variant of MSIL/CoinMiner.AAC
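
The network indicators named in the paragraph above can also be checked against connection logs. The following is an added example, not code from this page or from any vendor; the five-field log layout, the `WS-*` client names and the sample lines are assumptions constructed for illustration.

```python
# Indicators exactly as the write-up lists them (defanged), refanged for matching.
def refang(indicator: str) -> str:
    """Turn a defanged indicator such as 'milara.at[.]ua' into a matchable host."""
    return indicator.replace("[.]", ".").lower()

CONFIG_HOST = refang("milara.at[.]ua")
CONFIG_IP = "193.109.247.11"
POOL_HOST, POOL_PORT = refang("eu.dwarfpool[.]com"), 8050

def host_matches(host: str, indicator: str) -> bool:
    """Exact host or a subdomain; rejects substring hits like 'notmilara.at.ua'."""
    host = host.lower().rstrip(".")
    return host == indicator or host.endswith("." + indicator)

def classify(line: str):
    """Return a reason string if the log line matches an indicator, else None.
    Assumed layout: timestamp client dest_host dest_ip dest_port."""
    fields = line.split()
    if len(fields) != 5 or not fields[4].isdecimal():
        return None  # malformed line: skip rather than crash
    _ts, _client, host, ip, port = fields
    if host_matches(host, CONFIG_HOST) or ip == CONFIG_IP:
        return "config-download host"
    # The page reports the pool endpoint as host:port, so both must match here.
    if host_matches(host, POOL_HOST) and int(port) == POOL_PORT:
        return "Monero pool connection"
    return None

def scan(lines):
    """Return (client, reason) for every matching line."""
    hits = []
    for line in lines:
        reason = classify(line)
        if reason:
            hits.append((line.split()[1], reason))
    return hits

# Constructed sample log lines (not real telemetry).
SAMPLE = [
    "2021-01-01T10:00:01Z WS-014 milara.at.ua 193.109.247.11 80",
    "2021-01-01T10:00:05Z WS-014 eu.dwarfpool.com 198.51.100.7 8050",
    "2021-01-01T10:01:00Z WS-020 notmilara.at.ua 203.0.113.9 443",
    "2021-01-01T10:02:00Z WS-021 eu.dwarfpool.com 198.51.100.7 443",
    "garbage line",
]

if __name__ == "__main__":
    for client, reason in scan(SAMPLE):
        print(f"{client}: {reason}")
```

A client that shows both reasons in sequence, as `WS-014` does in the sample, matches the behaviour described for the corrupted miner more closely than a pool connection alone.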
