The malicious software, also known as Coinminer, arrives as a Windows Installer MSI file. That makes it hard to detect as malware, because this type of installer is legitimate Windows software used all over the world.
The use of a real Windows-issued app helps the malware pass through security checks undetected. Once installed, it creates several decoy files and counteracts any malware scans or anti-virus programs running on your computer.
Also, the malware contains a built-in self-destruct mechanism which erases all traces of its existence or installation, making it a phantom to some extent.
2018 has been an intense year when it comes to crypto-jacking crimes. Hackers have spread their malware through a variety of programs and platforms, including Adobe installation files and updates, commercial sites, and even routers.
This attack comes only a week after hackers hijacking CPU power to secretly mine BTC forced a Canadian university to shut down its network.
The only trace of the Windows hackers' origin found by Trend Micro's team is that the malware uses Cyrillic symbols, which has proved to be a common characteristic of the attacks this year. However, the software attack has not yet been connected to any specific location.
Experts forecast that, because these attacks are very profitable for hackers, they are unlikely to stop soon.