Tencent Yujian: "Tiger" mining Trojan spread through social engineering has infected more than 5,000 computers in Beijing, Guangdong and other places

According to the WeChat public account of the Tencent Yujian (腾讯御见) Threat Intelligence Center, its systems detected a "Tiger" mining Trojan (LaofuMiner) spread through social engineering fraud. The attacker disguised a remote control Trojan under file names such as "hot news", "pornographic content", "privacy information" and "scam tricks", and sent it to the target computer through social networks. When the victim double-clicked the file to view it, the "Grey Wolf" remote control Trojan was installed immediately. The attacker then used the remote control Trojan to make the infected computer download the mining Trojan, turning the computer into a miner. The Trojan has infected nearly 5,000 computers.

Because the self-built mining pool used for its mining contains the string "laofubtc", the Yujian Threat Intelligence Center named it LaofuMiner. Tracing the source through the Tencent Antu system, the center found that the "Tiger" mining Trojan belongs to the same criminal gang as the Grizzly mining Trojan (BearMiner) reported by other security vendors in 2018. According to statistics, LaofuMiner has infected more than 5,000 computers, and the most affected areas are Beijing, Guangdong, Shanghai, Henan, Shandong and other places.