The bad news for Zoom keeps coming rolling in with Trend Micro researchers finding CoinMiner being bundled with a legitimate installer of the video conferencing software.

The good news is the installer, Zoom installer version, is not from the company’s official download center, but likely from a fraudulent third-party store, Trend Micro reported. However, it does install a working version of zoom, along with the cryptocurrency mining malware.

CoinMiner is capable of mining bitcoin, Monero, and Ethereum and when operating soaks up the majority of a systems computing resources causing it to run slowly and use a great deal of extra power.

Recommended Reading: Mozilla patches exploited zero-day flaw in Firefox

Once injected into a system the malware first does a system check. Using the CPUinfo tool it determines whether the device is running a 64 or 32-bit system and will then drop into any 64-bit computer encountered. There is no 32-bit version of the malware being used.

Further information on the systems GPU, operating system, video controllers and processors has then gathered along with a determination if the target is running Windows Defender, Microsoft Smartscreen or an antivirus program and if found the malware will attempt to hide itself.


Please enter your comment!
Please enter your name here