BlackBerry Cylance, a software firm that develops anti-virus programs, has identified malicious code in WAV audio files, implying that hackers are now using such files to mine cryptocurrency without authorization from system owners.
The technique these malware campaigns rely on, concealing malicious code inside audio files in WAV format, is referred to as steganography.
The analysis indicated that a portion of the WAV files contained the code necessary to install malware for financial gain and to set up remote connectivity on unsuspecting users' machines.
The research report from BlackBerry Cylance stated as follows:
“When played, some of the WAV files produced music that had no discernible quality issues or glitches. Others simply generated static (white noise).”
The WAV files with malicious content enable hackers to deploy CPU miners on a victim's system, use its processors without authorization and earn thousands of dollars every month by mining cryptocurrency.
That is why crypto miners are so sought after by hackers: they offer tremendous financial benefits while running in the background without the owner's knowledge. The process is generally referred to as cryptojacking.
The infamous North Korean hackers known as the Lazarus APT Group have developed another piece of malware, built specifically to exploit Apple Macs by hiding behind a pseudo cryptocurrency company.
Researchers stated that at the time the alert was sent out, the malware was not detected by any of the programs on VirusTotal. A portion of the code resembled Mac malware discovered by Kaspersky Labs in summer 2018.