A Facebook message is spreading cryptomalware that hacks the ID and device! We should be aware of this crisis. I gave everything below.

in alarming •  7 years ago 

Facebook message spreads cryptomalware, hacking the ID and device!
Crypto malware is spreading via message in the form of a video file on Facebook. If you open this file, sent from a known or unknown person's ID, then your favorite ID will be hacked. Your favorite device will be harmed.
So far, two such malware files have been identified by security analysts; the files have been spread as zips in the form of two video files. After opening the zip file, there will be an icon of a video file, but the extension is .exe. The file is only between 500 and 900 KB, and it can harm your Windows PC only.
However, the hacker will get access to some of your IDs through the other file, so that the script created by them will unknowingly send you messages and send them a message.
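
A triage check for the lure described above (a zip whose "video" is really an .exe), added here as an example and not part of the original post. The file names, the sample archive and the `media_lure` heuristic are constructed assumptions; the 500-900 KB window is the one the post reports.

```python
import io
import zipfile

# Size window the post reports for the malicious files (500-900 KB).
SIZE_MIN, SIZE_MAX = 500 * 1024, 900 * 1024
# Assumption: extensions a "video" lure is likely to imitate.
MEDIA_EXTS = (".mp4", ".avi", ".mov", ".mkv", ".wmv")


def triage_zip(zip_bytes):
    """Return one finding per archive member that is a Windows executable."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as fh:
                magic = fh.read(2)  # PE/DOS executables start with "MZ"
            name = info.filename.lower()
            is_exe_name = name.endswith(".exe")
            is_pe = magic == b"MZ"
            if not (is_exe_name or is_pe):
                continue
            findings.append({
                "name": info.filename,
                "pe_header": is_pe,
                "exe_extension": is_exe_name,
                # Name pretends to be media (e.g. "x.mp4.exe" or "video_...").
                "media_lure": "video" in name
                or any(ext in name for ext in MEDIA_EXTS),
                "size_in_reported_range": SIZE_MIN <= info.file_size <= SIZE_MAX,
            })
    return findings


def build_sample_zip():
    """Constructed sample: a fake 'video' executable plus a harmless file."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("video_0001.mp4.exe", b"MZ" + b"\x00" * (600 * 1024))
        zf.writestr("notes.txt", b"not an executable")
    return buf.getvalue()


if __name__ == "__main__":
    for finding in triage_zip(build_sample_zip()):
        print(finding)
```

The check reads only the first two bytes of each member, so nothing from the archive is extracted to disk or executed.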

# Separate analysis of two files:

If we analyze the zip file, we will get an exe file here, which can be found in many cases.
This is commonly used by Taskill.exe files to detect scam and phantom help in the presence of Victim computers.

If we check this process, then find a miner.exe and look for the location, it will be seen in the order of updater.exe. Working with 3032.
It is also more recognizable in that it is able to access the protocol "stratum+tcp://" (Indicator: "stratum+tcp://"; File: "network.pcap").
So technically these types of files are cryptomalware. It is mainly used by the victim's machine; it is capable of destroying the victim's important information even in keystrokes and records.
The activities of such malware are a little different. Such cryptomalware typically has two Download the exe file and enter the victim device.

# Second File Analysis:
By executing this malware, important features of the victim's computer are closed and some unnecessary features are installed. It can use the user agent miner to turn off the computer device alone and the blue screen of death (BSOD) is enabled. And unnecessary features increase the device's temperature at the beginning.
It is called cryptomalware because it takes important information from the browser and triggers cryptomining on the device. The email address of the person involved with this malware has been detected.
The main research and information about this cryptomalware is from the cyber security agency CSP.
This crypto malware has already started spreading in our country, so be careful: do not click links on Facebook or link extensions in groups, and do not click on any unnecessary or unknown link.


good and important post

Thank you for your expression.