While the world mourns the unexpected death of the NBA star Kobe Bryant, malicious actors didn’t spend much time taking advantage of the situation.
Microsoft has discovered and deactivated a cryptojacking malware hidden inside a Kobe Bryant Nike wallpaper. The malware was reported by Redmond’s security intelligence unit via Twitter.
“We found a malicious HTML file posing as a Kobe Bryant wallpaper that contains a coin mining script,” the tweet reads.
Microsoft Defender SmartScreen blocks the website hosting the coin miner. Microsoft Defender ATP detects the malicious HTML file as Trojan:HTML/Brocoiner.N!lib (SHA-256: 86031a7d35968a1ff1f20441afce6eee504cdb98c1fbee9a4708ad989a5f2269)
— Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020
Microsoft Security Intelligence has identified the malicious HTML file as a Trojan. It contains a script that performs cryptojacking after connecting to a website hosting the coin miner. It utilizes the victim’s CPU power to illegally mine Monero (XMR), as it contains references of the now-defunct CoinHive miner.
However, Microsoft also added that the Windows Defender SmartScreen tool is now capable of blocking the said website, thereby deactivating the crypto-jacking malware. The job of SmartScreen to find potentially malicious websites, apps, executables.
It isn’t the first time we have seen cryptocurrency miners masquerading themselves as images of popular celebrities. Another well-known case of the American country singer Taylor Swift whose image was used to spread MyKingz botnet back in 2019.
via Yahoo News