Linux worm diversifies to mine cryptocurrencies
A Linux worm that targets routers and set-top boxes is now looking for full-fledged computers to use its new feature, a cryptocurrency mining function, according to Symantec.
Symantec spotted the worm, which it calls Darlloz, in November. It was preloaded with usernames and passwords for routers and set-top boxes that run Linux on Intel’s x86 chip architecture and other embedded device architectures such as PPC, MIPS and MIPSEL.
The latest variant of Darlloz, found by Symantec in mid-January, looks for computers running Intel’s architecture, wrote Kaoru Hayashi, a senior development manager and threat analyst with Symantec in Japan. This version of the worm installs “cpuminer,” which is an open-source mining program, he wrote. It then begins mining for Mincoins or Dogecoins, two spinoff cryptocurrencies from Bitcoin.