Creators of the Crackonosh virus earned $2 million USD by infecting more than 200 thousand Windows systems with a cryptominer

A recent security report claims that the operators of the Crackonosh malware have gained around 9 thousand units of Monero cryptocurrency, all thanks to its cryptojacking campaign that has already reached more than 200,000 devices with Windows operating system. At the current exchange rate, the cryptocurrency obtained by hackers is equivalent to about $2 million USD.

The report, published by Avast, mentions that this malware variant is distributed by downloading pirated versions of popular software, including the Microsoft Office suite. The researchers began investigating the issue after receiving some reports about Crackonosh and its ability to disable and uninstall Avast software on the affected devices.

Soon after it was discovered that malware is not only able to disable Avast antivirus, but can also disable other solutions such as Windows Defender and Windows Update.

After disabling these tools, the malware downloads and installs XMRig, allowing the creators of Crackonosh to make money from the cryptojacking scam. Avast also mentions that the developers of the virus is based in the Czech Republic and have infected a total of 222 thousand devices worldwide, acting mainly in countries such as the United States, Brazil, India, Poland and the Philippines.

The report concludes by mentioning that it is difficult to disrupt this attack, as tech users are always looking for copies of popular software on disputable websites: “Users should remember that hackers are always distributing pirated software hoping to infect compromised systems without needing to trick users.”

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.