Hackers Selling Advanced Stealthy HiddenMiner Malware on Dark Web Forums

A new threat actor is offering an enhanced version of HiddenMiner, a sophisticated cryptomining malware targeting Monero (XMR) cryptocurrency.
This customized tool, being sold on underground forums, combines advanced evasion techniques with an accessible user interface, potentially lowering the barrier to entry for aspiring cybercriminals.
Unlike traditional cryptomining malware, HiddenMiner incorporates several technical enhancements to maximize profitability while minimizing the risk of detection and removal.
Sophisticated Features for Stealthy Cryptocurrency Mining
The latest iteration of HiddenMiner is advertised with an array of features designed to maintain persistence and evade detection.
According to forum listings, the malware operates with a one-click installation process, allowing even technically inexperienced threat actors to deploy the miner effectively.
HiddenMiner’s combination of anti-detection capabilities with simplified deployment significantly increases its potential for widespread distribution.
The malware employs Virtual Machine bypass techniques (AntiVM) to detect whether it’s running in virtualized environments commonly used by security researchers and sandboxes.
When HiddenMiner detects analysis environments, it alters its behavior to appear benign, making detection through automated analysis more difficult.
One of the most concerning capabilities is its ability to operate without administrator privileges while still achieving privilege escalation.
The malware exploits Windows User Account Control (UAC) bypass techniques to gain elevated permissions without triggering security prompts.
HiddenMiner uses rootkit techniques to conceal its activities on infected systems. The malware can hide both processes and folders using advanced stealth methods, making it exceptionally difficult for users to detect its presence.
According to forum advertisements, it actively blocks antivirus programs, security scanners, and popular analysis tools.
The cryptominer implements persistent auto-download functionality that ensures it remains active even after system reboots.
When Windows starts, the malware automatically reactivates, continuing its cryptocurrency mining operations.
The malware is offered at a price range of $40-$100, depending on the specific feature set required. The threat actor also advertises optional add-ons, including dual mining capability (XMR+ETH) for an additional $30.
Most notably, the package includes technical support for one month, highlighting the increasingly service-oriented nature of cybercrime.
According to the report, when installed on a victim’s device, HiddenMiner hijacks computing resources to mine Monero cryptocurrency, a privacy-focused digital currency preferred by cybercriminals due to its untraceable transactions.
Victims may experience significant system slowdowns, increased electricity consumption, and potential hardware damage from overheating.
Unlike ransomware, which announces its presence, cryptominers like HiddenMiner operate silently, potentially remaining undetected for extended periods while generating continuous profits for attackers.
Security experts recommend maintaining updated security solutions, monitoring system performance for unexplained resource usage, implementing application whitelisting, and using hardware monitoring tools to detect unusual CPU or GPU activity that might indicate cryptomining malware infection.
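Because the advertised rootkit features hide the miner's process, the CPU monitoring recommended above is most useful when system-wide load is compared with what the process list can account for. The following Python is an added example, not taken from the report or from any vendor tool; the `Sample` format, the thresholds and the sample readings are constructed assumptions, with all CPU figures normalized to 0-100% of total capacity.

```python
from dataclasses import dataclass
from statistics import mean


@dataclass
class Sample:
    ts: int            # seconds since capture start
    total_cpu: float   # system-wide CPU %, from an OS or hardware counter
    per_process: dict  # process name -> CPU %, as shown by the process list


def unaccounted(s: Sample) -> float:
    """CPU % in use that no listed process claims."""
    return max(0.0, s.total_cpu - sum(s.per_process.values()))


def hidden_load_windows(samples, gap_threshold=30.0, min_samples=3):
    """Return (start_ts, end_ts, mean_gap) for every run of consecutive samples
    whose unaccounted CPU stays at or above gap_threshold (assumed defaults)."""
    windows, run = [], []
    for s in list(samples) + [None]:   # None closes a run still open at the end
        if s is not None and unaccounted(s) >= gap_threshold:
            run.append(s)
            continue
        if len(run) >= min_samples:
            gaps = [unaccounted(r) for r in run]
            windows.append((run[0].ts, run[-1].ts, round(mean(gaps), 1)))
        run = []
    return windows


# Constructed readings, one per minute (not real telemetry).
SAMPLES = [
    Sample(0,   12.0, {"explorer.exe": 3.0, "chrome.exe": 6.0}),
    Sample(60,  55.0, {"chrome.exe": 50.0}),                      # busy, but accounted for
    Sample(120, 48.0, {"explorer.exe": 3.0, "chrome.exe": 5.0}),  # one-off spike, ignored
    Sample(180, 10.0, {"explorer.exe": 2.0, "chrome.exe": 5.0}),
    Sample(240, 92.0, {"explorer.exe": 2.0, "chrome.exe": 5.0}),  # sustained load that
    Sample(300, 95.0, {"explorer.exe": 3.0, "chrome.exe": 4.0}),  # no visible process
    Sample(360, 94.0, {"explorer.exe": 2.0, "chrome.exe": 8.0}),  # explains
    Sample(420, 93.0, {"explorer.exe": 2.0, "chrome.exe": 6.0}),
]

if __name__ == "__main__":
    for start, end, gap in hidden_load_windows(SAMPLES):
        print(f"unexplained CPU load from t={start}s to t={end}s, mean gap {gap}%")
```

Kernel time and short-lived processes always leave a small gap, so the threshold and minimum duration need tuning against a baseline from known-clean hosts.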
The post Hackers Selling Advanced Stealthy HiddenMiner Malware on Dark Web Forums appeared first on Cyber Security News.