On the trail of the XMRig miner
released on 2020-10-22 @ 03:46:49 PM
As protection methods improve, the developers of miners have had to enhance their own creations, often turning to non-trivial solutions. Several such solutions (previously unseen by Kaspersky Labs) were detected during an analysis of the open-source miner XMRig.
In an example from August of this year, Kaspersky noticed an infection on a victim’s machine that installed a generic trojan, which in turn installed administration programs, added a new user, and opened RDP access to the computer. Finally, the ransomware Trojan-Ransom.Win32.Crusis started on the same machine, after which the XMRig miner was loaded and began mining the Monero cryptocurrency.