Cryptojacker Autom Malware Tries Hard to Avoid Detection
As cryptocurrency has grown in popularity over the past several years, cybercriminals have increasingly used malicious code to mine digital coins with the computing power of compromised systems. Autom is one such cryptominer, first detected in 2019.
In the time since, according to DevSecOps and cloud security firm Aqua Security, a total of 84 Autom cryptominer attacks against researchers’ honeypot servers have been reported, with four of these attacks detected in 2021. Researchers report that the Autom developers have continually attempted to improve its code, making the cryptominer capable of avoiding detection by various anti-malware software.
The initial Autom version worked by executing a malicious command. First, users would run a vanilla, or generic stock, image named “alpine:latest.” That set off a chain of events that resulted in a shell script, “autom.sh,” being downloaded to the victim’s system.
This strategy continues to work for Autom, as most organizations trust official vanilla images and allow their use. A recently added feature gives the malware the ability to remain invisible to detection. Since the malware is Base64-encoded five times, it can avoid various security tools.
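As an added example (not code from Aqua Security or from the original article), here is one way a scanner can counter the layered encoding described above: peel Base64 layers until the content no longer decodes, then inspect the innermost script. The function names, the 16-layer limit and the harmless sample string are assumptions constructed for illustration.

```python
import base64
import binascii
import re

# Characters permitted in standard Base64, plus padding; whitespace is stripped first.
_B64_RE = re.compile(rb"^[A-Za-z0-9+/]+={0,2}$")
MAX_LAYERS = 16  # assumed hard stop so crafted input cannot keep the scanner looping


def _try_decode(blob: bytes):
    """Return the decoded bytes if blob is well-formed Base64 text, else None."""
    compact = b"".join(blob.split())
    if len(compact) < 8 or len(compact) % 4 or not _B64_RE.match(compact):
        return None
    try:
        decoded = base64.b64decode(compact, validate=True)
    except (binascii.Error, ValueError):
        return None
    # Require printable output: a script or a further Base64 layer, not random bytes.
    if not decoded or any(b < 9 or 13 < b < 32 or b > 126 for b in decoded):
        return None
    return decoded


def peel_base64(blob: bytes, max_layers: int = MAX_LAYERS):
    """Strip nested Base64 layers; return (layer_count, innermost_bytes)."""
    layers = 0
    while layers < max_layers:
        decoded = _try_decode(blob)
        if decoded is None:
            break
        blob, layers = decoded, layers + 1
    return layers, blob


def build_sample(text: bytes, depth: int) -> bytes:
    """Constructed test input: harmless text wrapped in `depth` Base64 layers."""
    for _ in range(depth):
        text = base64.b64encode(text)
    return text


if __name__ == "__main__":
    sample = build_sample(b"echo constructed-sample # not real malware", 5)
    depth, inner = peel_base64(sample)
    print(f"layers={depth} inner={inner!r}")
```

A layer count above one or two is itself a useful signal, since legitimate scripts rarely nest Base64 this deeply.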
Recently, the well-known security flaws in the Log4j logging library have been exploited to carry out cryptojacking schemes. This comes on top of newly discovered vulnerabilities in Atlassian Confluence, F5 BIG-IP, Oracle WebLogic Servers, and VMware vCenter that have also been exploited. Network-attached storage (NAS) appliance maker QNAP has also announced the discovery of cryptocurrency mining malware that could take up around 50% of total CPU usage to obtain its ill-gotten gains.
How Do I Remove Autom Malware?
You should use a reputable malware remediation tool to scan for and remove Autom malware from your computer. You should also be wary of computer performance issues, such as the overexertion of your CPU or GPU, that may point to a cryptojacker's presence in your system.