Cryptojacking malware continues to be a challenge in 2019. According to research published by TrendMicro in September, a new cryptojacking malware is targeting Linux systems. The malware, known as Skidmap, is capable of accessing computers and illegally using their processing power to mine crypto.

The Skidmap Malware

To conduct its illicit activities, the Skidmap malware attacks computers by creating infected loadable kernel modules (LKM) to stay hidden. Since it utilizes the Linux kernel module rootkits, it is quite difficult to detect. The reason for this is that the malware comes with the ability to overwrite and modify kernel parts.

Besides crypto mining, the researchers claim that the malware is able to create backdoors, which hackers can use to access the infected system by creating secret master passwords. It can then use it to gain unauthorized access to any part of the system.

How it Works

The malware enters a Linux system using the crontab commands, which are used to schedule jobs in Unix-based computer OS. Once it is in the system, it will install corrupted binaries that it uses to lower the security settings of the infected computer, making it possible to use the computer for crypto mining. The research did not point out which crypto the malware was mining. To begin its cryptojacking activity, the malware detects the specific OS, whether it is CentOS/RHEL or Debian.

For Debian systems, the malware will save its crypto-miner in “/tmp/miner2.” For the CentOS/RHEL system, it stores the crypto miner as a tar file, which is sourced from the hxxp://pm[.]ipfswallet[.]tk/cos7[.]tar[.]gz.” URL.

It also has another method that it uses to access infected systems. To achieve this goal, it replaces the “pam_unix.so” file, which is used for authentication with a malicious file called “Backdoor.Linux.PAMDOR.A.” With these simple steps, the malware has full access to any system.

The malware has other malicious components that it installs in the system. For instance, it utilizes various other components to accomplish its malicious goals. Some of the components are a fake “rm” binary, an Iproute module, a kaudited binary that it uses to install various LKMs and a Netlink rootkit to help it generate fake network stats.

How to Stay Safe

The threat of crypto-jacking continues to grow every day. This can lead to higher power consumption as well as disruption of business processes. With a few precautions, one can keep their systems safe. One way to do this is to ensure that the system and servers are updated and patched often. Besides that, users should conduct due diligence when using third-party repositories. Additionally, avoid clicking on unfamiliar links sent to your email and check the website URLs of the sites you visit to ensure they are secured.

How to Detect Crypto Jacking

There are various ways to detect cryptojacking. If you use a laptop and notice your fan is revving up, that is a good sign there is malicious software on your device. Besides that, if you notice your laptop heats up often, you should scan your laptop with an updated and reliable antivirus.

Image Source: Shutterstock

Notice: Information contained herein is not and should not be construed as an offer, solicitation, or recommendation to buy or sell securities. The information has been obtained from sources we believe to be reliable; however no guarantee is made or implied with respect to its accuracy, timeliness, or completeness. Authors may own the crypto currency they discuss. The information and content are subject to change without notice. Visionary Financial and its affiliates do not provide investment, tax, legal or accounting advice. This material has been prepared for informational purposes only and is the opinion of the author, and is not intended to provide, and should not be relied on for, investment, tax, legal, accounting advice. You should consult your own investment, tax, legal and accounting advisors before engaging in any transaction. All content published by Visionary Financial is not an endorsement whatsoever. Visionary Financial was not compensated to submit this article Please also visit our Privacy policy; disclaimer; and terms and conditions page for further information.

You May Also Like

New York’s Financial Watchdog Requests Feedback on Proposed Changes to Crypto Law

The state of New York has historically had some of the toughest…

South Korea’s Crypto Exchange Makes Good on Its Threat to Sue the Nation’s Tax Authority

In December, we reported that Bithumb was planning to sue the National Tax Authority,…

Interview with Nischal Shetty on Binance – WazirX Acquisition Deal

Binance’s acquisition of India’s leading crypto exchange WazirX was indeed a surprise…

Hedge Fund Veteran Mark Yusko Reveals When to Sell Bitcoin

Bitcoin, the crowning cryptocurrency crashed from $10000 mark to a low of…
Ripple Could Move To The UK

Ripple Could Move To The UK, PayPal Developments Are A Perfect Reason Why

Ripple, the company behind the XRP token, could move to the UK…

Japan Striving For National Digital Currency In Response To China And Facebook Libra

Japan recently joined the club of nations globally that are considering launching…

SEC Charges Founder Behind Million Dollar Fraud ICO Project

2017’s amplified mechanism of Initial Coin Offering to raise funds from the…

Binance Plans To Launch Crypto Mining Pool, Hires Former Bitmain Employees

According to a recent tweet by the CEO of Binance, the Binance exchanges plans…
Virtual Asset Business Law

South Korea’s National Assembly Begins Work On Virtual Asset Business Law

On October 7, 2020, the details of The National Assembly Seminal for…

Coinvention 2019 Returns to Philadelphia Featuring Industry Leaders, Competitive Hackathon

NEW YORK (July 16, 2019) – via CryptoCurrencyWire – Coinvention 2019 is…