Digmine Cryptocurrency Miner uses Facebook Messenger to spread

According to foreign media reported on December 21, Trend Micro in Korea found a new type of cryptographic money mining tool Digmine, the main work is to use fake video files to infect users and spread through Facebook Messenger, trying to stay as long as possible users System, in order to infect more user equipment, thereby increasing the potential revenue of cybercrime. According to the survey, Digmine currently mainly spreads in Vietnam, Azerbaijan, Ukraine, Vietnam, the Philippines, Thailand, and Venezuela.

Digmine encodes in AutoIt and sends the user fake video files. But in fact the file is an AutoIt executable script, if the user’s Facebook account is set to automatically log in, then Digmine will be able to manipulate Facebook Messenger in order to send the file link to the account of friends, in order to infect the purpose of more user devices. It should be noted that, although Facebook Messenger can run on different platforms, Digmine only applies to Facebook Messenger desktop/web browser (Chrome) version. Malicious software will not work if malicious files open on other platforms, such as mobile platforms.

After Digmine mining tools were disclosed, Facebook quickly removed many Digmine-related links from its platform. Facebook said in an official statement that Facebook currently maintains many automated systems to help stop harmful links and files.

Researchers suggest that users be wary of using social media accounts in order to avoid these types of threats: watch for suspicious and unsolicited messages, enable privacy settings for their accounts, and confirm when they click on a link or share information.

Source: TrendMicro