Cryptojacking Bot “Digimine” Spreading Via FB Messenger in Google Chrome Desktop

Cryptocurrency mining is on the rise and so does the number of instances where wrong ways are used to harvest the digital currency. Just a day before yesterday, we told you about the Loapi Android malware that mines Monero on your device. Even if you’re sitting at a place like Starbucks, mining can happen anytime.

Now, the security firm Trend Micro has reported a cryptocurrency mining bot called “Digimine” that spreads via Facebook Messenger for Google Chrome desktop version. South Korea is the first region where the security firm spotted Digimine, followed by Vietnam, Azerbaijan, Ukraine, Philippines, Thailand, and Venezuela.

The bot presents itself to potential victims as a video file hiding an AutoIt executable script. Trend Micro notes that Digimine doesn’t work when the file is accessed on other platforms where Facebook Messenger is available. And just like Loapi, Digimine is also designed to mine the cryptocurrency Monero from people’s computers.

Digimine bot facebook messenger mining 1


For the victim’s who have the habit of leaving their Facebook account logged in, the malware can manipulate the Messenger to send messages to the victim’s friends automatically.

The extent to which Messenger is being exploited is currently limited. However, the security firm warns about possibilities of attackers compromising the Facebook accounts in the future as a C&C server pushes the code to Digimine, providing room for easy updates in the future.

Many links related to Digimine have been pulled off after Facebook was informed about the spread of the cryptojacking bot.

What to do?

Probably, you can spot Digimine gaining access to your Chrome browser and the system. In case you clicked an unknown video link, the malware would restart Chrome as it installs a Chrome extension. The extension could display a fake Facebook login page or some web page with a video stream while sucking cryptocoins off your machine.

If you sense that your PC is slowing down and fan speed increased, you should immediately look for some fishy extension in the browser and remove it. You can run a deep scan of your system if you think it’s affected.

There are a few things you should take care. For instance, you shouldn’t leave your account logged-in all the time, check your Facebook account’s privacy settings, think before opening and sharing a file, make sure your password is hard enough, turn on two-factor authentication, etc.

Also Read: “I Just Pressed Shift Key 5 Times” — User Gains Full Access On A Windows XP ATM Machine
Aditya Tiwari

Aditya Tiwari

Aditya likes to cover topics related to Microsoft, Windows 10, Apple Watch, and interesting gadgets. But when he is not working, you can find him binge-watching random videos on YouTube (after he has wasted an hour on Netflix trying to find a good show). Reach out at [email protected]
More From Fossbytes

Latest On Fossbytes

Find your dream job