Digmine Cryptocurrency Mining Malware Being Spread via Facebook Messenger: Trend Micro

Advertisement
By Indo-Asian News Service | Updated: 25 December 2017 16:35 IST
Highlights
  • Digmine malware said to only affect Messenger's desktop, Web versions
  • Digmine was first observed in South Korea
  • It has since spread to Vietnam, Thailand, and other countries

A new cryptocurrency-mining bot, named "Digmine", that was first observed in South Korea, is spreading fast through Facebook Messenger across the world, Tokyo-headquartered cyber-security major Trend Micro has warned.

After South Korea, it has since spread in Vietnam, Azerbaijan, Ukraine, the Philippines, Thailand, and Venezuela. It is likely to reach other countries soon, given the way it propagates.

Advertisement

Facebook Messenger works across different platforms but Digmine only affects the Messenger's desktop or Web browser (Chrome) version. If the file is opened on other platforms, the malware will not work as intended, Trend Micro said in a blog post.

Digmine is coded in AutoIt and sent to would-be victims posing as a video file but is actually an AutoIt executable script.

If the user's Facebook account is set to log in automatically, Digmine will manipulate Facebook Messenger in order to send a link to the file to the account's friends.

The abuse of Facebook is limited to propagation for now, but it wouldn't be implausible for attackers to hijack the Facebook account itself down the line. This functionality's code is pushed from the command-and-control (C&C) server, which means it can be updated.

Advertisement

A known modus operandi of cryptocurrency-mining botnets and particularly for Digmine (which mines Monero), is to stay in the victim's system for as long as possible. It also wants to infect as many machines as possible, as this translates to an increased hash rate and potentially more cybercriminal income, the blog post stated.

The malware will also perform other routines such as installing a registry autostart mechanism as well as system infection marker. It will search and launch Chrome, then load a malicious browser extension that it retrieves from the C&C server.

Advertisement

If Chrome is already running, the malware will terminate and relaunch Chrome to ensure the extension is loaded. While extensions can only be loaded and hosted from the Chrome Web Store, the attackers bypassed this by launching Chrome via command line.

 

Get your daily dose of tech news, reviews, and insights, in under 80 characters on Gadgets 360 Turbo. Connect with fellow tech lovers on our Forum. Follow us on X, Facebook, WhatsApp, Threads and Google News for instant updates. Catch all the action on our YouTube channel.

Advertisement

Related Stories

Popular Mobile Brands
  1. Vivo Y500 4G Makes Global Debut With an 8,100mAh Battery: See Price
  2. Samsung Galaxy Z Fold 8 Series Could Ship With This Notable Display Upgrade
  3. Apple Brings Back Card Payments for App Store, iCloud Transactions in India
  4. Best Amazon Prime Day Laptop Deals for Students
  5. Vivo G5i, Vivo G5z Launched With 7,200mAh Battery, Snapdragon 4 Gen 2 SoC
  1. Nothing Ear 3a Spotted in Leaked Renders That Leave Little to the Imagination Ahead of Their Debut
  2. Vivo G5i, Vivo G5z Launched With 7,200mAh Battery, Snapdragon 4 Gen 2 SoC: Price, Features
  3. Redmi Note 17 and Poco M8 Plus Appear on BIS Certification Database, Might Launch in India Soon: Report
  4. Stablecoin Transactions Hit Record $1.79 Trillion in June, Analytics Show
  5. South Africa Proposes Crypto Tax Guidance Under Existing Framework
  6. Insta360 X6 Could Launch Soon With Larger Sensor, US FCC Listing Suggests
  7. Vivo V80 Series Price Range in India, Launch Timeline Tipped Along With Key Specifications, Features
  8. Huawei Pura 90 Series Global Launch Set for July 14; Pura 90s Pro Max Teased
  9. Apple Brings Back Card Payments for App Store and iCloud Transactions in India After Five Years
  10. Samsung Galaxy Z Fold 8 Series Tipped to Launch With a New Hinge to Minimise Display Crease
Download Our Apps
Available in Hindi
© Copyright Red Pixels Ventures Limited 2026. All rights reserved.