• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar

IT Breaking News

Latest information technology breaking news from around the world

  • Submit
  • Disclaimers
  • About
  • DMCA
  • Privacy Policy
  • Contact
  • Show Search
Hide Search

You are here: Home / New Malware Norman Uses Your PC to Secretly Mine Cryptocurrency

New Malware Norman Uses Your PC to Secretly Mine Cryptocurrency

· August 14, 2019 ·

Credit: ShutterstockSecurity firm Varonis has uncovered a new strain of cryptojacking malware called Norman that deploys sophisticated techniques to avoid detection. Cryptojacking is an increasingly popular class of malware that mines cryptocurrencies on devices without permission.

According to the researchers, Norman hides itself when you open the Task Manager in Windows to see why your machine is running slow. Once the Task Manager is closed, the cryptojacking malware reinjects itself, as reported by UK tech publication Verdict.

The malware is first deployed via svchost.exe, a Windows process used to perform various operations. It injects the Norman.dll payload, which contains the cryptominer, and then it uses advanced obfuscation techniques to avoid detection while mining the Monero cryptocurrency. Monero is one of the cryptocurrencies with the biggest privacy guarantees, which, in this case, can also help hide if mined coins are leaving a user’s computer.

Who Made Norman? Cryptojacking Malware’s Origins Are a Mystery

Eric Saraga, security researcher and co-author of the Varonis research on Norman, commented on how Norman differentiates from regular malicious cryptominer:

“Norman seems to be an elaborate cryptominer, more so than the average cryptominer. It tries to hide from analysis, and it uses elaborate techniques to hide itself further. This is not typical behavior for cryptominers.”

He added that “there are no traces of its origin.”

The Varonis security researchers couldn’t find too many details about the origin of the Norman cryptojacking malware, except for the code comments written in French. This may indicate the location of the malware maker, or it could be yet another obfuscation technique, this time implemented to hide the identity of the malware’s creator rather than the location of the malware on a user PC.

However, Varonis doesn’t believe that there is a whole group behind Norman. Instead, it thinks it’s much more likely that the cryptojacking malware was developed by a single person with higher than average malware-creation skills.

Cryptojacking started rising in 2017, when the profits from cryptocurrency mining were also high. The use of cryptomining malware has died down somewhat in 2018, as the value of cryptocurrencies plummeted. However, with the value of cryptocurrencies on a seemingly rising trend again, we may see malware creators start embracing cryptojacking once again in the coming months and year.


  • New Mantra Quest Website Reveals Secrets to Life-Changing Powers of Ancient Mantras
  • Trump Condemns White House Staffers’ Use Of Secret Recording Studio
  • New York Lottery offers new instant game using cellphones
  • New Jersey man used neighbor's Wi-Fi to download and distribute child pornography
  • New York man uses bodybuilding weight to kill friend
  • Flour from tofu? Fertilizer from coffee beans? Innovators look for new ways to use food waste
  • FILM REVIEW: Sex-for-sale the subject of new documentary "Scotty and the Secret History of Hollywood"
  • Mesa Undercover Cop Catfishes Creep Using Popular Secret-Sharing App Whisper
  • Trump surrogate Peter Thiel dubbed ‘great ambassador’ for New Zealand despite keeping citizenship secret
  • 'We Could Be Beautiful' book review: New love leads to buried secrets in psychological thriller

Filed Under: Security security, cryptocurrency-cryptojacking malware norman-cyber-security, how to use curl secret, how to use babyliss curl secret, new secrets, secret new york, New Cars vs Used Cars, How to use PS4 controller on PC, Buying a New Car vs Used Car, used pcs, new antivirus software for pc free download, How to Remove Malware From Your Windows PC

Primary Sidebar

RSS Recent Stories

  • The Biggest Tech Fails of 2019
  • What Drives the Tesla Superfans?
  • Elon Musk wins defamation case against “pedo guy”
  • TikTok is the best place on the internet. We should all delete it
  • Startups Weekly: U.S. VCs eye European startups
Copyright © 2019 IT Breaking News. Power by Wordpress.