Silent minergate miner reverse – Backdoored

 

I found some “free” software on the internet backdoored with that Silent Minergate, so this time I downloaded the Minergate to play with.

What did I find?

Surprise, surprise … I have a backdoored one!!!

svchost.exe – 66.176.134.167:2404
cykaa.duckdns.org / NS1.DUCKDNS.ORG

getcamsi’N|mc$A{n
startcam1Fd
OpenCamera
Dhrefox StoredLogins
\key3.db
\logins./Q}d
[Firefox StoredLogi;Z5fj;
[Firefox Cookie0
tehwCzgokds & stored logins!]
pwgrab
autopswd$Rs
Downloading file: …. and more.

So... why does this Minergate try to steal from me and control my computer?!?

Have fun & Stay safe!!!

Alex Anghelus

SC Prodefence SRL CEO - Cyber Security, Pentesting & Ethical Hacking - Malware Analyst
