KCN “NORMAN,” NEW XMR TARGETED MALWARE
The new cryptojacking virus, dubbed “Norman, Was discovered by cybersecurity company Varonis. In his report, Varonis explains: “Analysis of the collected malware samples revealed a new variant, which the team dubbed “Norman” that uses various techniques to hide and avoid discovery. We also discovered an interactive web shell that may be related to the mining operators. Norman is an XMRig-based cryptominer, a high-performance miner for Monero cryptocurrency. Unlike other miner samples we have collected, Norman employs evasion techniques to hide from analysis and avoid discovery. At first glance, the malware seemed to be a generic miner hiding itself as “svchost.exe.” However, the techniques it used proved to be more interesting. The malware’s deployment can be divided into three stages: – Execution. – Injection. – Mining. Be very careful, dear viewers! The news release partner STEX.com.