A lot of things are happening in the world of malware and ransomware. Cryptocurrency remains a very prominent target for criminals in this regard. A new malware, which goes by the name of Xbash, seems to combine all of the worst aspects of different malware types into one. A worrisome development, especially if this becomes a growing trend.
XBash is a Very Serious Threat
Cryptocurrency enthusiasts have seen their fair share of experiences with malware in different forms. Wallet-stealers, clipboard-information altering software, ransomware, and Trojans are just some of the examples. As if that is not enough, it now seems cryptojacking is becoming incredibly popular, with hundreds of thousands of devices infected by this type of malware over the past few months.
It now seems some criminals are looking to bring out the worst in malware in a new campaign. The Xbash malware strain is the first example of what the future may hold in this regard. It is designed to target both Windows and Linux systems, and uses cryptomining, ransomware, botnet, and self-propagation tools all in one.
Multi-functional malware has been a growing industry for quite some time now. Although a combination of data destruction and ransomware is nothing new, adding botnet and cryptojacking features to this particular package show criminals will continue to explore new methods in this regard. The fact XBash can spread itself through an entire network in quick succession raises a lot of concerns as well.
Early reports indicate several dozen people and institutions have fallen victim to XBash at this stage. It is expected some victims made an associated ransom payment, as $6,000 has been sent over to the criminals in the process. That figure is a big surprise, as Xbash’s ransomware capability offers no way of recovering data once the payment has been completed.
Under the hood, XBash appears to make use of three different vulnerabilities which can be leveraged against Linux and Windows. The choice to include Linux targets is rather telling, considering Windows is the most commonly used operating system among consumers. In the business world, however, things are very different. Linux reigns supreme in that department, further confirming XBash is not necessarily designed to target regular users.
Security researchers are concerned XBash shows some eerie similarities with WannaCry and NotPetya. It is possible this new malware borrows a lot of code from those two particular malware strains, as both of them have been incredibly successful over the years. It is evident cryptojacking will play an increasing role of importance in the malware industry.