Talk about mining for gold.
Security researchers say they detected an online company posing as a cryptocurrency mining platform for Mac or Windows PCs. The name is JMT Trader.
The company is a fake, according to the research, but the mining platform is real. And when you install it, the platform also installs a backdoor which allows attackers to exfiltrate data from your device.
Bleeping Computer has a good write-up on this crypto mining fake:
"When the JMT Trader is installed, though, the installer will also extract a secondary program called CrashReporter.exe and save it to the %AppData%\JMTTrader folder. This program is the malware component and acts as a backdoor. This malware currently has only 5/69 detections on VirusTotal.
A scheduled task called JMTCrashReporter will be created that launches the CrashReporter.exe every time a user logs into the computer."
That CrashReporter.exe then connects to a command and control server.
Researchers suspect North Korean cybercriminals could be behind this newly detected scheme.
