Winlog.exe Miner

A new crypto miner using the Winlog.exe process is making the rounds on the Internet. It attacks the CPU of the affected computers, compromising it and attempting to obtain useful information from the infected machines during its mining activities. The main infection methods connected to the Winlog.exe malware were discovered to spread via Potentially Unwanted Programs (PUPs), browser hijackers or adware that redirect the browser to unsafe sites housing worse threats. Once the unsafe site has been visited, the infection file or script of the Winlog.exe coin miner compromises the victim's system. Another possible way is that a machine may end up infected if the harmful file is downloaded by the users if they believe the file is something legitimate.

The Winlog.exe miner targets the Electroneum cryptocurrency, and it works in the background of an infected computer mining away, with users getting nothing in return. The people behind the Winlog.exe miner use the CPU to receive Electroneum tokens, which may end up damaging the computer eventually.

What's more, the Winlog.exe miner also may have components that act like a Trojan embedded into its code. This makes it even more threatening to an infected machine, as it may delete, copy and encrypt files. It may obtain admin rights, as well as update itself as it stays hidden. Collecting financial data and passwords, logging keystrokes and gathering browsing data are also possible ways via which the Winlog.exe miner may affect a user's experience.