New Malicious Software Doesn’t Want to Be Seen
A new malware variant used to mine for cryptocurrency, identified as Norman, takes a unique approach to avoid detection. Cryptominers are malicious software hackers use that occupy the CPU usage of devices, often rendering them utterly useless. Unfortunately, many traditional antivirus solutions will not stop them, and they are difficult to detect. The most effective way to identify if your device is being used for cryptomining is to check the CPU use through Task Manager. That is unless you’re a victim of Norman.
The creators of Norman have designed the malware to terminate once Task Manager is accessed. Therefore, when users are checking their CPU use, it will not show the malicious software that is occupying the device. Then, once Task Manager is closed, Norman goes back to work.
The best way to avoid falling victim to cryptomining is to deploy a security solution that implements application whitelisting. Using an application whitelist will only permit known, trusted programs to execute.