New Malicious Monero Miner Crashes Computers When Attempting to Remove it

It has been a while since cryptocurrency malware was worth paying much attention to. With cryptocurrency mining having become more common, criminals are once again taking notice. WinstarNssmMiner may have a weird name, but it is a very potent cryptocurrency mining malware strain. Attempting to remove it will result in a complete system crash.

WinstarNssmMiner Means Business

In the world of cryptocurrency malware, getting rid of specific types of software will always remain one of the more pressing problems. This was the case when ransomware gained traction and will apply to every new type of malware making the rounds in the future. The recently discovered WinstarNssmMiner malware illustrates that point perfectly. Getting rid of this mining malware is not only difficult, but it will render one’s system completely useless as well.

This particular malicious crypto miner has been making the rounds for quite some time now. It was discovered by 360 Total Security, and was allegedly part of a massive attack on computer users not too long ago. Half a million “attempted” attacks have tried to install this malware on computers around the world, although it remains a bit unclear how successful this effort has been to date.

As one would expect from a malicious cryptocurrency miner, it is designed to mine the Monero cryptocurrency. This is one of the few currencies in the world which is still capable of being mined with a regular computer and CPU, even though there isn’t much money to be made from doing so these days. Criminals have tried to infect thousands, if not millions of computers with malware such as this one in order to create an effective botnet.

This malicious Monero mining software is capable of mining XMR by stressing one’s computing resources. It is a bit unclear what percentage it tries to hijack, as most malware is designed to remain under the radar for as long as possible. An aggressive approach yields higher short-term results, but in the end, it also makes users aware that something’s amiss with their computers. Even so, WinstarNssmMiner’s infectees cannot easily get rid of this malware.

That’s because the miner is capable of crashing a victim’s PC once an antivirus solution attempts to kill the Windows process. WinstarNssmMiner is also capable of turning off antivirus protection at any time, which means there is no real course of action to be taken by the user. From degraded system performance to blue screens filled with errors, this malware is pretty powerful and annoying. It also shows how crafty malware developers have gotten over the past few years.

It is evident that malware of this magnitude would not be successful if it were used for solo mining. Instead, it uses at least four different mining pools to mine Monero on behalf of criminals. With its code base having been derived from XMRig, these criminals have turned a legitimate project into a tool for nefarious individuals. It’s a very worrisome trend, and one that will not be going away anytime soon.