Trojan Turns Raspberry Pi into a Cryptocurrency Mining Device

Jun 13, 2017

Two trojans in the wild are targeting Linux machines.

The Russian security firm Doctor Web has discovered two trojan programs that target Linux machines. One Trojan turns Raspberry Pi machines into a cryptocurrency mining device, and the other runs a proxy server on Linux systems.

The Trojan named Linux.MulDrop.14 targets Raspberry Pi devices, changing the password on the devices it infects, then unpacking and launching a miner, which, in an infinite loop, starts searching for network nodes with an open port 22 to replicate itself.

According to Doctor Web, “The Trojan is a script that contains a compressed and encrypted application designed to mine cryptocurrency.”

The second Trojan, dubbed Linux.ProxyM, uses a special range of methods to detect honeypots – special decoy servers used by digital security specialists to examine malicious software.

“Once launched, it connects to its command and control server and, after getting confirmation from it, runs a SOCKS proxy server on the infected device. Cybercriminals can use this Trojan to ensure that they remain anonymous online,” noted Doctor Web.

Related content

comments powered by Disqus
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs
Subscribe to our ADMIN Newsletters

Support Our Work

Linux Magazine content is made possible with support from readers like you. Please consider contributing when you’ve found an article to be beneficial.

Learn More

News