Coin Miner Archives – Gridinsoft Blog

Bloom.exe

Bloom.exe is a process related to a malicious miner

Bloom.exe is a malicious miner that masquerades as a legitimate process. Its job is to use the victim’s device to mine cryptocurrency for con actors. The most visible sign of its presence, aside from the process in the Task Manager, is an enormously high CPU load that comes from it. This effectively renders your system… Continue reading Bloom.exe

WinRing0x64.sys

Everything is poison and the whole medicine, the difference only in the application

WinRing0x64.sys is a low-level driver that is used by specific applications. The file is not malicious, though, but malware can abuse this driver. Next, we will find out who uses WinRing0x64.sys and why and answer the question of whether it can be removed. WinRing0x64 Overview WinRing0x64.sys is a crucial software component that allows applications to… Continue reading WinRing0x64.sys

Hellminer.exe Coin Miner

Hellminer.exe is a process related to a malicious miner

Hellminer.exe is a process you can see in the Task Manager that indicates a malicious software activity. It stands out by the high CPU load it creates, making the system much less responsive. Let’s figure out what this process is, and how to get rid of it.

Csrss.exe Trojan Virus

Exhaustive information about CSRSS.exe

Csrss.exe is an important Windows process, which may sometimes consume a lot of system resources and puzzle the users with such behavior. Some people may mistake it for trojan virus and try to terminate it forcefully. So, is csrss.exe dangerous? And how to fix the issues it creates? Let’s find out. What is Csrss.exe? Csrss.exe… Continue reading Csrss.exe Trojan Virus

GuptiMiner Use eScan to Spread Miners and Backdoors

GuptiMiner hijacks eScan antivirus updates to deploy backdoors and mine cryptocurrency.

A recent report by Avast researchers identified an old-timer malware called GuptiMiner. It uses the eScan antivirus update mechanism to stealthily inject backdoors and cryptocurrency mining programs into users’ computer systems and large corporate networks. This is further evidence that cybercriminals are adapting their techniques to bypass modern security measures. Let’s look at the situation.… Continue reading GuptiMiner Use eScan to Spread Miners and Backdoors

OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes

OpenMetadata vulnerabilities are exploited to mine cryptocurrency

Microsoft security blog reports that the OpenMetadata platform has critical vulnerabilities that allow attackers to exploit Kubernetes workloads for crypto mining. Five vulnerabilities allow attackers to bypass authentication and execute Remote Code Execution. Microsoft recommends updating to OpenMetadata and employing robust authentication measures. OpenMetadata Vulnerabilities Threats Kubernetes Workloads, Actively Exploited According to the recent Microsoft… Continue reading OpenMetadata Vulnerabilities Exploited to Abuse Kubernetes

Bitfiat Process High CPU – Explained & Removal Guide

Have you opened Task Manager and found the Bitfiat high CPU usage? Here is the way to solve this.

Bitfiat is a malicious coin miner that exploits your computer’s hardware to mine cryptocurrencies. Such malware takes as much resources as it can, making the system impossible to use. Let’s see what this malware is, and how to remove it. Bitfiat Overview The Bitfiat process is related to the activity of a malicious coin miner.… Continue reading Bitfiat Process High CPU – Explained & Removal Guide

Aluc Service: What Is Aluc App & How to Remove?

Aluc Service appears to be a malicious service related to a coin miner virus

Aluc Service is a strange service you can spectate in the Task Manager. It is, in fact, a malware-related process that hides behind a legitimately-looking name. Most commonly, such a trick is done by coin miner malware and rootkits. What is Aluc Service? At a glance, Aluc Service may look like a legit service among… Continue reading Aluc Service: What Is Aluc App & How to Remove?

KmsdBot malware combines DDoS-attacks and coin mining

KmsdBot malware is a coin miner with the DDoS capabilities

A new malware, called KmsdBot, strikes user devices. The Akamai SIRT has discovered a new malware that uses the SSH (Secure Shell) protocol to infiltrate target systems in order to mine cryptocurrency and carry out DDoS attacks. It spreads disguised as a bot for popular games, in particular, GTA V. The combined threat raises malware… Continue reading KmsdBot malware combines DDoS-attacks and coin mining

Extension spoofing strikes Spanish-speaking countries

Phishing email that aims to install malware on your PC

An old-good form of malware disguisment sparked recently in several Spanish-speaking countries across the globe. Users note numerous cases of email attachments with spoofed file extensions, that appear to be coin miner trojans. Massive outbreak of extension spoofing in email spam Email spam is a form of malware spreading that became very popular at the… Continue reading Extension spoofing strikes Spanish-speaking countries