Plurox, is the latest malware that was discovered to focus mainly on cryptocurrency Mining. Researchers at Kaspersky lab says, this malware( Malicious program that causes harmful to the PC) has very unpleasant features.
Written in C language, this Malware was found to use the NSA developed leaked exploit Eternalblue.
However, if there was an update, this Malware was found to download 8 different type of plugins that mainly focuses on Cryptocurrency mining depending on the system configuration.
This Malware has capability of self spreading and if detected by administrator it was designed to look to like the attack was actually coming from router and not from local machine making it difficult to detect(it uses Eternalblue exploit for this).
If you are normal person, you don't need to panic you are safe because Kaspersky says, it already has the system in place and will detect this Malware and plugins as Backdoor.Win32.Plurox and HEUR:Trojan.Win32.Generic.
Note: This blog was created to share the key information in Short, so some things might have been slightly altered for everyone to understand, but if you feel the information was wrong or needs to be updated, Kindly let us know using the contact us page or through comments.
In the Meantime, if you are a security researcher or wants to know more information about this malware, you can read it on official blog here.
Written in C language, this Malware was found to use the NSA developed leaked exploit Eternalblue.
The Malware will first connect to its command Center Server using TCP Protocol, will wait for 5 min for updates, and if there is no update it will delete its port forwarding operations automatically,using UPnP plugin and this plugin was believed to be used to attack the local network.
However, if there was an update, this Malware was found to download 8 different type of plugins that mainly focuses on Cryptocurrency mining depending on the system configuration.
This Malware has capability of self spreading and if detected by administrator it was designed to look to like the attack was actually coming from router and not from local machine making it difficult to detect(it uses Eternalblue exploit for this).
If you are normal person, you don't need to panic you are safe because Kaspersky says, it already has the system in place and will detect this Malware and plugins as Backdoor.Win32.Plurox and HEUR:Trojan.Win32.Generic.
Note: This blog was created to share the key information in Short, so some things might have been slightly altered for everyone to understand, but if you feel the information was wrong or needs to be updated, Kindly let us know using the contact us page or through comments.
In the Meantime, if you are a security researcher or wants to know more information about this malware, you can read it on official blog here.
