Zoom's been the center of attraction ever since the outbreak began. It has attracted many companies that were forced to switch to a work-from-home model, and it has attracted hackers too. Hackers are now using the sudden popularity of this video conferencing platform to fool users and drop cryptojacking malware onto their PCs, mining cryptocurrencies with the victims' resources.
Install – Infect – Mine
The sudden rise of work-from-home models gave a push to video conferencing apps like Zoom, which attackers are now actively targeting to exploit the community. Trend Micro reported an incident in which hackers abused Zoom's installers to drop cryptojacking malware onto users' PCs, along with an original Zoom client to avoid raising suspicion.
The sudden shift in working models gave companies and users little time to check for security. This led them to download Zoom, and an installer for setting it up, from unknown sources. They get the Zoom conferencing app as expected, but an infected installer comes along with it. That installer carries cryptojacking malware that users fail to notice.
Upon installation, the malware first checks for any antivirus software, since it could flag the malware and alert the user. If none is found, it proceeds with its operations of collecting system data (for compatibility) and mining coins. It collects data such as the system's OS, CPU, GPU, video controllers, etc. This helps determine how much mining can be done.
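The behaviour chain described above (an installer whose process tree checks for antivirus and then inventories the hardware) can be turned into a simple detection rule. The following is an added example, not code from Trend Micro or the original article; the event format, process names and the use of WMI class names to represent the queries are assumptions, and the sample events are constructed.

```python
from collections import defaultdict

# Assumption: endpoint telemetry normalised to one record per WMI query.
# The article names only the categories of data; these WMI classes are
# one common way such queries would appear in logs.
AV_CLASSES = {"AntiVirusProduct"}
INVENTORY_CLASSES = {"Win32_OperatingSystem", "Win32_Processor",
                     "Win32_VideoController"}

# Constructed sample events (pid, parent pid, image name, WMI class queried).
EVENTS = [
    {"pid": 100, "ppid": 1, "image": "explorer.exe", "wmi": None},
    {"pid": 200, "ppid": 100, "image": "ZoomInstaller.exe", "wmi": None},
    {"pid": 210, "ppid": 200, "image": "helper.exe", "wmi": "AntiVirusProduct"},
    {"pid": 210, "ppid": 200, "image": "helper.exe", "wmi": "Win32_Processor"},
    {"pid": 210, "ppid": 200, "image": "helper.exe", "wmi": "Win32_VideoController"},
    # Benign: asset-inventory agent, not launched by an installer.
    {"pid": 300, "ppid": 100, "image": "inventory_agent.exe", "wmi": "Win32_Processor"},
    # Benign: installer that reads GPU info but never enumerates antivirus.
    {"pid": 400, "ppid": 100, "image": "gpu_driver_install.exe", "wmi": "Win32_VideoController"},
]

def root_installer(pid, parents, images, hint="install"):
    """Return the pid of this process or its nearest ancestor that looks like an installer."""
    visited = set()
    while pid in parents and pid not in visited:
        visited.add(pid)
        if hint in images[pid].lower():
            return pid
        pid = parents[pid]
    return None

def find_suspicious_installs(events, min_inventory=2):
    """Flag installers whose process tree both enumerates AV and inventories hardware."""
    parents = {e["pid"]: e["ppid"] for e in events}
    images = {e["pid"]: e["image"] for e in events}
    queried = defaultdict(set)
    for e in events:
        if e["wmi"]:
            root = root_installer(e["pid"], parents, images)
            if root is not None:
                queried[root].add(e["wmi"])
    return [
        (images[root], sorted(classes))
        for root, classes in queried.items()
        if classes & AV_CLASSES and len(classes & INVENTORY_CLASSES) >= min_inventory
    ]

if __name__ == "__main__":
    for image, classes in find_suspicious_installs(EVENTS):
        print(f"ALERT {image}: {', '.join(classes)}")
```

Requiring both signals under one installer keeps ordinary inventory agents and driver installers from alerting on their own.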
Impacts and Remedies
Mining cryptocurrencies takes a vast amount of resources, especially CPU and GPU. Relying heavily on the graphics hardware wears out the PC sooner than expected. It can even slow down the processes the user actually needs. And as the mining runs in the background, the user won't know anything about it and will only see the effects in the long term.
Installing client and installer software from authentic sources is the only way to avoid being infected. Moreover, having a strong and updated antivirus can help ward off most malware.
Source: Trend Micro