Svchost.exe.exe CPU Miner

By GoldSparrow in Trojans

The Svchost.exe.exe CPU Miner is a program whose name closely resembles the legitimate 'svchost.exe' process on Windows computers. Various threat strains use this name to avoid detection by AV scanners and to hide the work of threat actors with remote access to the system. In this case, the Svchost.exe.exe CPU Miner is a product of black hat hackers who take advantage of the affiliate program at Minergate.com to claim revenue while using the processing power of your computer. The Svchost.exe.exe CPU Miner is designed to process transactions made with the Monero (XMR) cryptocurrency and earn a percentage of the digital money being processed. The Svchost.exe.exe CPU Miner may be introduced to machines via compromised remote desktop connections and free software bundles that include it as a hidden component. It may also be offered to users as a browser plug-in named 'SeachGo,' which is a name some AV researchers may use to refer to the Svchost.exe.exe CPU Miner.

The program at hand is designed to fulfill a simple purpose: use 100% of the available processing power and mine Monero coins for its developers. The Svchost.exe.exe CPU Miner is reported to decrease the performance of compromised systems significantly and inject code into the legitimate instance of svchost.exe. Malware analysts have observed that the Svchost.exe.exe CPU Miner makes changes to the Registry and adds code to the clean svchost.exe, which then launches the corrupted app svchost.exe.exe. The Svchost.exe.exe CPU Miner is recorded to connect to Xmr.pool.minergate.com and mine Monero for as long as the infected device is running. The Svchost.exe.exe CPU Miner is loaded on system boot, and users may be unable to open their Web browser and other third-party programs due to the lack of processing power, which is hijacked by the miner. The main executable for the CPU miner can be found in the Windows directory under [DRIVE LETTER]:\Windows\Microsoft\svchost.exe.exe.

The makers of the Svchost.exe.exe CPU Miner are likely to utilize the affiliate program at Minergate.com and maximize their profits by adding new infected devices as affiliates. The profit for one week of mining Monero via Xmr.pool.minergate.com is 0.23746 XMR, which equals approximately 11 USD. That may not sound like much, but when you have five hundred PCs running the Svchost.exe.exe CPU Miner, you would be making 5500 per week. Add the 75% more profit if you have 31+ affiliates and you might boost your profit to 9625 USD per week. These may be rough estimations, but you should get a good idea of how profitable the Svchost.exe.exe CPU Miner can be.

Restoring the normal operation of compromised computers is possible through the use of a trusted anti-malware utility that can remove the Svchost.exe.exe CPU Miner efficiently.
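The indicators named in this write-up (the doubled `.exe.exe` name, the `\Windows\Microsoft\` path on any drive, and the Xmr.pool.minergate.com pool host) can be turned into a small triage check over process and DNS telemetry. The following is an added example, not code from the original article or from any vendor; the event format, the host names and the list of legitimate svchost.exe directories are assumptions.

```python
import re
from pathlib import PureWindowsPath

# Indicators taken from the write-up above.
MINER_PATH = re.compile(r"^[a-z]:\\windows\\microsoft\\svchost\.exe\.exe$", re.I)
POOL_HOST = "xmr.pool.minergate.com"
DOUBLE_EXE = re.compile(r"\.exe\.exe$", re.I)
# Assumption: default Windows locations of the genuine svchost.exe.
LEGIT_DIRS = {r"\windows\system32", r"\windows\syswow64"}


def check_process(image_path):
    """Return the reasons (possibly none) a process image path looks suspicious."""
    p = PureWindowsPath(image_path)
    reasons = []
    if MINER_PATH.match(image_path):
        reasons.append("known miner path")
    if DOUBLE_EXE.search(p.name):
        reasons.append("doubled .exe extension")
    # Directory without the drive letter, so the check works on any drive.
    directory = str(p.parent)[len(p.drive):].lower()
    if p.name.lower() == "svchost.exe" and directory not in LEGIT_DIRS:
        reasons.append("svchost.exe outside System32/SysWOW64")
    return reasons


def check_dns(query):
    """True if a DNS query names the pool host (case and trailing dot ignored)."""
    return query.rstrip(".").lower() == POOL_HOST


def triage(events):
    """events: dicts with 'host' plus 'image' (process start) or 'query' (DNS)."""
    findings = []
    for ev in events:
        if "image" in ev:
            for reason in check_process(ev["image"]):
                findings.append((ev["host"], reason, ev["image"]))
        elif "query" in ev and check_dns(ev["query"]):
            findings.append((ev["host"], "mining pool lookup", ev["query"]))
    return findings


# Constructed sample telemetry, not taken from a real incident.
SAMPLE = [
    {"host": "pc-01", "image": r"C:\Windows\System32\svchost.exe"},
    {"host": "pc-02", "image": r"D:\Windows\Microsoft\svchost.exe.exe"},
    {"host": "pc-02", "query": "Xmr.pool.minergate.com."},
    {"host": "pc-03", "image": r"C:\Users\Public\svchost.exe"},
]
```

Calling `triage(SAMPLE)` leaves pc-01 unflagged and reports pc-02 for both the file and the pool lookup; the pc-03 finding goes beyond the article's specific indicators and covers any svchost.exe running from an unexpected directory.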
