Researchers from computer security company ESET discovered a new cross-platform cryptocurrency software called LoudMiner, which comes bundled with pirated software. Using Quick Emulator (QEMU) virtualization software on macOS and VirtualBox on Windows, LoudMiner can mine cryptocurrency on a Tiny Core Linux virtual machine. User devices can be infected by the crypto currency miner by downloading pirated copies of a type of audio software plug-in interface called Virtual Studio Technology (VST). Once infected, LoudMiner uses the compromised machines to mine the cryptocurrency, and the smaller one even has the ability to self-update itself by using the secure file copy (SCP) named after it. Built-in user and a private SSH key.
LinerMiner
Marc-Etienne M. Léveillé, a malware researcher at ESET, explains why LoudMiner targets systems running audio software, as follows: "LoudMiner targets audio applications, since the machines running them often have higher processing power. These applications are typically complex and CPU intensive. Users will not find this activity unusual. The use of virtual machines instead of another lightweight solution is quite noticeable and this is not something we have seen before ESET discovered that LoudMiner has been in use since August 2018 and recommends that users avoid downloading pirated copies of commercial software to protect themselves. ESET also advises users to be wary of pop-ups installed by unexpected "extra" installers, increased CPU consumption, and curious new services and domain name connections. For more details about LoudMiner, you can read the LoudMiner Report: Cross-Platform Exploitation in ESET Cracked VST Software.