The bad news for Zoom keeps coming rolling in with Trend Micro researchers finding CoinMiner being bundled with a legitimate installer of the video conferencing software.
The good news is the installer, Zoom installer version 4.4.0.0, is not from the company’s official download center, but likely from a fraudulent third-party store, Trend Micro reported. However, it does install a working version of zoom, along with the cryptocurrency mining malware.
CoinMiner is capable of mining bitcoin, Monero and Ethereum and when operating soaks up the majority of a systems computing resources causing it to run slowly and use a great deal of extra power.
Once injected into a system the malware first does a system check. Using the CPUinfo tool it determines whether the device is running a 64 or 32-bit system and will then drop into any 64-bit computer encountered. There is no 32-bit version of the malware being used.
Further information on the systems GPU, operating system, video controllers and processors is then gathered along with a determination if the target is running Windows Defender, Microsoft Smartscreen or a antivirus program and if found the malware will attempt to hide itself.
Trend Micro has contacted Zoom to help that firm communicate the problem with its customers. The security firm also noted the only way to avoid being hit with this type of malware is to only download software from the company's official download site.
