Threat researchers have newly discovered malicious code in WAV audio files, code that hackers use to mine cryptocurrencies.
Hackers earn thousand of dollars per month.
On Oct. 19, researchers at BlackBerry Cylance, a software company that develops antivirus programs, reported the discovery of malicious code hidden within WAV audio files. This type of malware campaign, where hackers conceal malware codes in ordinary-looking files, is known as steganography.
The analysis showed that some of the WAV files contained code to deploy malware for monetary gain and establish remote access within victim machines. The report reads:
“When played, some of the WAV files produced music that had no discernible quality issues or glitches. Others simply generated static (aka white noise).”
The malicious WAV files allow hackers to deploy CPU miners onto the victim’s device, which steals processing resources and generates thousands of dollars per month from mining cryptocurrency. For that reason, crypto miners are a popular malware payload among hackers as they provide monetary benefit while operating in the background without the user’s knowledge — an attack commonly known as cryptojacking.
North Korean hackers target Apple Macs:
Researchers claimed that, at the time of their new warning, the malware was undetected by any engines on VirusTotal. The sample appeared to be closely related to a strain of Mac malware identified by Kaspersky Labs back in the fall 2018.