Secret Mining Malware on Gaming PCs Mined Over $1.9M Worth of Monero (XMR): Avast

Popular antivirus firm Avast has published a report about a crypto mining malware developed by cybercriminals to mine privacy-focused coin, Monero (XMR) on high-performing gaming PCs. 

The malware, dubbed Crackonosh, is found in cracked versions of gaming software downloaded on different torrent sites, the report states.  Avast commenced an investigation into the malware after its users complained on several social media platforms like Reddit that the antivirus was missing from their PCs. 

According to the report, games like Jurassic World Evolution, Far Cry 5. Grand Theft Auto V (GTA V), The Sims 4, as well as NBA 2K19 are among the games corrupted with the malware. 

How Malware Infects PCs

Notably, when unsuspecting victims download the cracked versions of these games from torrent sites and install them on their gaming PC, the malware is also installed in the form of popular Monero coin miner XMRig. 

The coin miner uses the PC processing power to mine XMR for the cybercriminals, causing the PC to experience slow performance and users may notice a hike in electricity tariff as a result of the illegal crypto mining being conducted on their PC. 

The malware, which is believed to be developed by a Czech citizen, has been in existence since 2018 and has successfully mined a total of 9,000 XMR which is worth approximately $1.9 million at today’s prices.

Aside from using the CPU’s processing power to mine cryptocurrency, Crackonosh also goes as far as disabling the users’ antivirus, thus exposing the PC to further attacks. 

Over 220,000 Avast Users Affected

Commenting on the development, Daniel Benes, a researcher working with Avast, told CNBC that the crypto malware has been successfully installed in over 220,000 PCs globally, with about 800 computers being infected on a daily basis. 

Benes noted that the number of infected users globally could be higher than what was published because Avast was only able to arrive at the stats by identifying malicious software on devices that have its antivirus installed. 

So far, Brazil, the Philippines, and India have the most affected number of users, Benes added.