Data security firm Varonis researchers recently discovered a product called "Norman" new monero-mining malware. The malware use the infected computer's processing power to tap encryption currency, cause the system to slow down or become unusable.
Norman's strong ability to hide. When the technicians found traces of the malware almost all computers infected with the victim companies and may have existed for many years. Norman was so subtle, because hackers use a variety of techniques to circumvent detection. For example, malicious software will automatically terminate when the user opens the Windows Task Manager program process and return to work when the user closes the Task Manager to prevent users find strange process is running.
This malicious software can not only latent for a long time, hackers can also accept commands from the command and control server. But the researchers said the attacker uncertain whether they really "management" of the malicious software. In addition, researchers believe Norman developers may come from France or other French-speaking countries, because the malware code contains the string written in French. Experts said the use of malicious software mining encryption currency is one of the most popular forms of cyber crime last year. Users should update security patches, and always pay attention to CPU unusual activity in order to prevent malware infections.