Darlloz variant infects Intel systems to mine Dogecoins, MinCoins

Share this article:
The worm installs coin mining software on infected computers running Intel x86 architectures.
The worm installs coin mining software on infected computers running Intel x86 architectures.

Darlloz, a worm capable of targeting traditional computers and internet-enabled home devices running Linux, has been updated to mine cryptocurrencies.

On Wednesday, Kaoru Hayashi, a threat analyst at Symantec, revealed in a blog post that, as of last month, more than 31,000 devices were infected with Darlloz. The worm was discovered in November, when it was being leveraged to target only Intel x86 systems.

“Once a computer running Intel architecture is infected with the new variant, the worm installs cpuminer, an open source coin mining software,” Hayashi wrote.

Instead of targeting the more popular, and valuable, cryptocurrency Bitcoin, the latest Darlloz variant (found in mid-January) goes after MinCoins and Dogecoins, he said.

“The reason for this is MinCoin and Dogecoin use the scrypt algorithm, which can still mine successfully on home PCs, whereas Bitcoin requires custom ASIC [application-specific integrated circuit] chips to be profitable,” Hayashi explained.

He added that by the end of February Darlloz had mined nearly $200 worth of Dogecoins and MinCoins, a “relatively low [amount] for the average cyber crime activity,” but that theft would likely grow in scale as the malware evolves.

Last November, for instance, Symantec found that Darlloz was designed to target “internet of things” devices like home routers, set-top boxes and security cameras, though no attacks against those devices had yet been detected. Now, 38 percent of Darlloz infections have impacted a range of connected home devices, the firm found.

According to Symantec, 50 percent of all Darlloz infections have been concentrated in the U.S., China, South Korea, Taiwan and India.

Share this article:

Sign up to our newsletters

More in News

EFF intros wireless router software to boost industry standard

EFF intros wireless router software to boost industry ...

This weekend, the digital rights group released a "hacker alpha" version of its Open Wireless Router software.

Breaches driving organizational security strategy, survey indicates

Breaches driving organizational security strategy, survey indicates

CyberArk interviewed 373 IT security executives and other senior management in North America, Europe and the Asia-Pacific as part of its eighth annual Global Advanced Threat Landscape survey.

Siemens industrial products impacted by four OpenSSL vulnerabilities

The vulnerabilities can be exploited remotely, and fairly easily, by an attacker to hijack sessions and crash the web server of the product.