Bminer is a highly optimized cryptocurrency miner that runs on modern AMD / NVIDIA GPUs. Bminer is one of the fastest publicly available miners today - we use various techniques including tiling and pipelining to realize the full potential of the hardware. Bminer also comes with REST APIs to facilitate production deployments (e.g., mining farms).

Bminer supports mining Equihash-based coins (e.g., BitcoinGold, BitcoinZ) with 2% of devfee.

Bminer supports mining Ethash-based coins (e.g., Ethereum) with 0.65% of devfee. It is also possible to dual mine Ethash and Blake14r-based / Blake2s-based coins, where the devfee is 1.3%.

Bminer supports mining Bytom (BTM) with 2% of devfee.

Bminer supports mining Grin (GRIN) with 1% of devfee.

Bminer is one of the fastest miners on a number of algorithms.

Automatic reconnects to recover from transient network failures.

Comes with REST APIs to facilitate large-scale production deployments.

Download and extract Bminer into a folder (e.g.

Depending on the coins that you want to mine, find the corresponding script in the folder. For example, the corresponding script is mine_grin29.bat (on Windows) or mine_grin29.sh (on Linux) when mining Grin using the Cuckaroo29 algorithm.

Malware authors have used a zero-day vulnerability in the Windows client for the Telegram instant messaging service to infect users with cryptocurrency mining malware, researchers from Kaspersky Lab plan to reveal today.

The zero-day has been fixed in the meantime, but Kaspersky researcher Alexey Firsh says crooks appear to have used the flaw for months before he discovered it last October.

The ol' filename fliparoo

According to Firsh, the zero-day is in how the Telegram Windows client handles the RLO (right-to-left override) Unicode character. This character is used to switch between RTL and LTR text display.

Firsh says crooks spammed Telegram users with messages containing file attachments. The file names contained the RLO character, which changed text display direction right in the middle of the file's name.

For example, in one campaign crooks sent users a file named "photo_high_re*U+202E*gnp.js", where *U+202E* is the RLO character. When the file's name was rendered on screen, the last part of the name was flipped and the file appeared as "photo_high_resj.png", like in the image below:

Users got backdoors, spyware, but mostly miners

Users clicked and ran the file thinking it was an image, but in reality, they executed a JavaScript file that downloaded and installed malware on their system.

In the campaigns Firsh was able to track down, crooks used the Telegram zero-day to install malware that secretly mined cryptocurrency on users' computers. The crooks focused their efforts on mining Monero, Zcash, and Fantomcoin primarily.

Firsh also discovered cases where crooks installed a backdoor trojan (controllable via the Telegram API) and other spyware tools, but in most cases, the malware authors focused on deploying crypto-mining malware.

Telegram zero-day exploited only in Russia

The zero-day vulnerability is not really that innovative and works based on an old trick, known for at least half a decade, first detailed in a 2013 F-Secure report.

According to Firsh, the zero-day saw limited use and was only exploited by a Russian-based actor.

"It appears that only Russian cybercriminals were aware of this vulnerability, with all the exploitation cases that we detected occurring in Russia," Firsh wrote in a report made available to Bleeping Computer before publication.

"Also, while conducting a detailed research of these attacks we discovered a lot of artifacts that pointed to involvement by Russian cybercriminals," the expert said.

"We don’t have exact information about how long and which versions of the Telegram products were affected by the vulnerability," Firsh added. "What we do know is that its exploitation in Windows clients began in March 2017."

UPDATE: The Kaspersky report detailing this zero-day is now live and available here.
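The RLO file-name trick the article describes can be caught before a name is shown to a user. The following is an added example, not code from the article, Kaspersky's report or Telegram: the function names are hypothetical, and `rendered_name` uses a simplified display model (only RLO runs are reversed) rather than the full Unicode bidirectional algorithm.

```python
import os
import unicodedata

# Bidi classes of the explicit embedding, override and isolate controls.
BIDI_CONTROL_CLASSES = {"LRE", "RLE", "LRO", "RLO", "PDF", "LRI", "RLI", "FSI", "PDI"}
RLO, PDF = "\u202e", "\u202c"


def is_bidi_control(ch):
    return unicodedata.bidirectional(ch) in BIDI_CONTROL_CLASSES


def rendered_name(name):
    """Approximate the on-screen text: a run after RLO is drawn reversed.

    Simplified model (an assumption of this example): only RLO runs, ended
    by PDF or end of string, are reversed; other controls are invisible.
    """
    out, run, overridden = [], [], False
    for ch in name:
        if ch in (RLO, PDF):
            out.extend(reversed(run) if overridden else run)
            run, overridden = [], ch == RLO
        elif not is_bidi_control(ch):
            run.append(ch)
    out.extend(reversed(run) if overridden else run)
    return "".join(out)


def safe_display_name(name):
    """Name with bidi controls removed, so the true extension is shown last."""
    return "".join(ch for ch in name if not is_bidi_control(ch))


def inspect_filename(name):
    controls = [f"U+{ord(ch):04X}" for ch in name if is_bidi_control(ch)]
    real_ext = os.path.splitext(name)[1].lower()    # what the OS acts on
    shown = rendered_name(name)
    shown_ext = os.path.splitext(shown)[1].lower()  # what the user reads
    return {"controls": controls, "real_ext": real_ext, "shown_as": shown,
            "shown_ext": shown_ext,
            "spoofed": bool(controls) and real_ext != shown_ext}


if __name__ == "__main__":
    # First name is the one quoted in the article; the second is a constructed benign sample.
    for sample in ("photo_high_re\u202egnp.js", "holiday.png"):
        print(repr(sample), inspect_filename(sample))
```

A receiving client or gateway can show `safe_display_name()` instead of the raw name and treat any `spoofed` result as a reason to quarantine the attachment.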