Hackers use Brazilian government websites to mine cryptocurrencies

Known as the 8220 Gang, the hacking group continues to infect computers around the world, turning them into cryptocurrency mining zombies. According to SentinelOne information, the group would even use official Brazilian government domains as part of the plan.

In an article published by live coins, in 2019 it is clear that the security of such domains is not perfect. After all, a lot of malicious information has already been published on government websites, without government permission.

As a recommendation to users, the basic principle is to use any type of antivirus, even free ones, after all, they have good efficiency in detecting cryptocurrency miners. In addition, it saves you headaches if you are in doubt about any links sent by third parties.

Malware mining cryptocurrencies uses Brazilian government domain

The 8220 Gang – also known as the 8220 Mining Group – which hijacked computers to mine cryptocurrencies came into existence in 2018 and has since expanded its operations. In total, it is estimated that more than 30,000 services are infected with this malware.

In the report, security firm SentinelOne points out that this group of hackers is not as skilled. Anyway, the same is the use of official Brazilian government domains as part of the scheme.

“One of the standout features of PwnRig is the fake government domain pool request.”

“The latest version uses fbi.gov.br and 161.148.164.31,” writes SentinelOne. “Although the FBI subdomain is not real, the IP address is the active IP address hosting the gov.br domain – the real Brazilian federal government domain.”

The software used by the hackers is a modified version of an open source Monero (XMR) miner. In other words, the program will use the victim’s processor (CPU) to make money, which can slow down the computer and in the worst case burn it due to the incessant high demand.

How to protect yourself from malware mining cryptocurrencies

The most important tip to protect yourself from malware that mines cryptocurrencies without your permission is to use a good antivirus. Even the free ones have good efficiency against such a threat.

Another point is not to access suspicious websites, especially if they are sent by strangers or if they are in suspicious promotions, such as fake YouTube Lives.

Anyway, a sudden slowdown of the computer is one of the signs that malicious software is using your processor to mine cryptocurrencies, which can be viewed in Windows Task Manager without the need for additional programs.

Source: Live Coins

follow:
\