WebCobra
The report made it known that the malware functions like most other cryptojacking malware present in the market right now right. As per usual, WebCobra is designed to steal the computing power of its victims. The computing power is then used for the mining of Monero or Zcash. The mining is usually being done in a stealth mode. As a result of this, the unsuspecting victims cannot detect this malware. The researchers from McAfee Labs noted that the malware is one of the most sophisticated they have ever seen, thereby making this particular malware highly lethal.
The researchers were also able to trace the origin of the Malware. It was stated that the Malware originated from Russia.
Based on some previous news, there has been a rise in the number of cryptojacking malware attacks. As regards this enormous rise in cryptojacking attacks, all indicators are pointing towards the previous spike in the price of coins. This has attracted cybercriminals to the industry. Also, the fact that cryptojacking requires very little effort once they can get the victim to install the malware on their system plays a major role.
How WebCobra Functions
The McAfee Labs also made a report on how the malware carries out its operation. The report stated that:
“On x86 systems, it injects Cryptonight miner code into a running process and launches a process monitor, ”
The report further stated that:
“On x64 systems, it checks the GPU configuration and downloads and executes Claymore’s Zcash miner from a remote server.”
The report also made it known that of all the countries the malware has been identified, Brazil, South Africa, and the United States had the highest number of infections.