What is Digmine?
Digmine is a new cryptocurrency-mining bot. It secretly mines the popular cryptocurrency an alternative to Bitcoin, Monero, has been found infecting Facebook Messenger users across the globe.
How Digmine Spreads?
If the user’s Facebook account is set to log in automatically, Digmine will manipulate Facebook Messenger in order to send a link to the account’s friends. The malware is disguised as a video file, usually named “video_xxxx.zip”, and installs a Monero miner as well as a malicious Chrome extension, which helps Digmine spread to other victims.
Researchers say the Monero mining malware only affects Facebook Messenger’s desktop Chrome application. The malicious Chrome extension that the malware installs onto victims’ PCs allows it access to victims’ Facebook accounts and can send private messages to all their contacts, thereby spreading itself.
The Main Problem
The main problem is that it uses your computer to mine Bitcoin and Monero. Crypto-mining malware works by hijacking a computer’s processing power to help generate coins and confirm transactions for digital exchanges.
Mining a Bitcoin eats up a lot of power and so it has become lucrative for criminal gangs to infect computers en masse to do the job, earning them cryptocurrency including Bitcoin in return. It also wants to infect as many machines as possible, as this translates to an increased hashrate and potentially more cybercriminal income.
If Chrome is already running, the malware will terminate and relaunch Chrome to ensure the extension is loaded. While extensions can only be loaded and hosted from the Chrome Web Store, the attackers bypassed this by launching Chrome via command line.
It was first spotted in South Korea, it has since spread to other countries as well. So far, the malware has infected victims in Vietnam, Azerbaijan, Ukraine, Vietnam, Philippines, Thailand and Venezuela. Security experts at Trend Micro, who discovered the malware, fear that given its current propagation, Digmine could also soon reach other countries.
Only Possible Solution
The Only Possible Solution is that do not open any unnecessary links, New Year is coming soon, your friends will send you some wishes links for New Year, positively do not open any links, who says your computer might be the next crypto miner for hackers.
Facebook users are advised to make sure they do not click on links they do not recognize. Some of the examples included the phrase “thisaworkstation.space”, “mybigthink.space” and “thisdayfunnyday.space”.
Facebook said: “We maintain a number of automated systems to help stop harmful links and files from appearing on Facebook and in Messenger.
“If we suspect your computer is infected with malware, we will provide you with a free anti-virus scan from our trusted partners.
“We share tips on how to stay secure and links to these scanners on facebook.com/help.”