The mining script was spread through a fraudulent Adobe Flash Player update, and the operation was successful to the extent that it was mining US$700 worth of the Monero cryptocurrency every day.
The researchers said that about 6000 machines had been infected in a few months.
OSDSoft was offering free video download software in 2011. It was registered under the name of one Ivan Koslov and had Facebook, Twitter and YouTube accounts all promoting the software.
These programs resorted to stealth measures to avoid being detected and the Check Point researcher theorised that this could have been the beginning of a malicious campaign that had not culminated in the cryptocurrency mining endeavour.
Windows users who visit the OSDSoft site see a pop-up when they click on any part of the site, telling them to download a Flash update.
"OSDSoft’s author does not want to waste any time in this campaign either, for while waiting for the monero miner to download, the malignant websites additionally use the CoinHive cryptomining malware to mine through the browser and maximise his profits," Check Point said.