The virus that mining criptomoeda ‘hiding’ in the photo of the singer Taylor Swift | the Blog of the Altieres Rohr

Security firm Sophos issued a warning about a plague of digital, which has been active since the fall of 2017, and it is estimated that the company already had a turnover of US$ 3 million (approximately R$ 12 billion) to their farmers.

The virus is emphasized because it now lies in your code and a photo of the american singer Taylor Swift, as well as exploring a number of ways to infect Windows-based computers.

This is not a technique for the exploration of failure and the propagation of the image of the singer that in and of itself, is not harmful when it is opened in a viewer of the images. The technique, called esteganografiait serves only for the use of the innocuous (inoffensive) file from the “cache,” and to sidestep some of the security tools.

The image will only be used on a computer that is already infected, it will go down to the “picture” of the internet, and thus to avoid the filter that monitors access to the files of outsiders.

The virus will receive updates on a regular basis, but it does require that the pest is to be downloaded from somewhere on the internet. The service providers on the web, however, it will remove any viruses that are found. By hiding the code in an image, it will stay online for a longer time, and the criminals don’t have to search for a new home to distribute these updates.

The code that is called by the Sophos anti-virus for MyKings, but he also gets the names of DarkCloud and Smominru, depending on the company.

When you open it in an image viewer, a file can be read as a picture of Taylor Swift. When you download a virus, then the file is meant for installing to a component of the curse of the digital. — Photo: Playback/Sophos Anti-Virus

Brazil is one of the most affected

According to the Sophos anti-virus, 7 per cent of the computers infected by the MyKings they are in Brazil. The country with the most systems are attacked, it is in China, and is responsible for 18% of the contamination. Taiwan (11%), Russia (7%) and usa (6%) round out the list of the five most highly contaminated.

In total, it was estimated that, based on the IP addresses is done by the company, the pest is present in 439 thousand computers.

The virus comes to systems, attacking vulnerable versions of the programs and services, such as: MySQL, Microsoft SQL Server, SQL Server, Telnet, or Secure Shell, Remote Desktop protocol (RDP).

As these are the most commonly used in corporate networks, the companies that are the targets of the most common, but the systems in which we store the recordings of the cameras internal circuits may also be attacked.

The Sophos anti-virus says that the attacks are not sophisticated, but it was “opportunistic”. In other words, the virus looks for the easiest targets, and are exposed.

After you log in to the system, the plague of the digital try to disable safety features, including anti-virus programs, and close the door so that no other malicious code that takes advantage of the same facility. This way, the virus avoids the “competition” from other would-be hackers.

In order to remain in the system, the virus installs itself simultaneously at several points. If the removal is not complete, in any part of the virus is able to re-install all the other components.

When it is installed on a computer, the MyKings to take advantage of the processing capabilities of the machine, to the death of the criptomoeda Monero.

The area is criptomoedas it is a process that is similar to a lottery, in which the computer will need to redo a count for each bet. As more and more processing is dedicated to the task, the more you bet, the unions can do about it.

Taking the processing power of the infected computers and the hackers “win” this lottery, without having to obtain the systems of mining, or to spend the electric bill.

According to Sophos, the makers of the MyKings now earn about$ 300 (US$ 1.2 thousand) per day. The value of is smaller than that in the past, for the account of the fall in the prices of the criptomoedas. Each and every unit of the Monero has come to be quoted at R$ 1.8 billion in January 2018 at the latest, but now it is sold for about$ 200.

Questions about security, hackers, and viruses? Please send it to