New Reveton Ransomware Variant Mines for Bitcoins

Share it on Twitter  
Share it on Facebook  
Share it on Linked in  

Malwarebytes researchers recently came across a new version of the Reveton ransomware that adds Bitcoin mining functionality to the basic ransomware threat.

While all versions of Reveton demand payments to unlock a victim's computer, the newest version guarantees a profit regardless of whether or not the victim pays the ransom, by using the infected PC to mine for bitcoins.

Upon installation, the malware connects to a command and control server to provide updates on Bitcoin mining operations. In one sample, the researchers noted a huge increase in mining activity in the late evening, then a slow rise again the following evening.

"Ransomware is most commonly spread via drive-by downloads and Reveton especially has been seen working with some of the most notorious exploit kits available today," writes Malwarebytes malware intelligence lead Adam Kujawa. "Disabling Java Script and keeping all of your plugins and browser as up to date as possible will help deter any attempts for Ransomware to steal your system and maybe even your money."