Palo Alto Networks has discovered a unique malware family that can mine bitcoins via the victim’s CPUs and GPUs. The malware, called PWOBot, is completely written in Python and compiled via PyInstaller, generating a Microsoft Windows executable, according to a Palo Alto Networks posting. The malware has affected European organizations, mainly in Poland. A Polish file-sharing service delivers the malware.
The malware can download and execute files, log keystrokes, execute Python code and mine bitcoins via the affected computers’ GPUs and CPUs.
The malware has been noticed as far back as late 2013. There are at least two variants. Recent attacks have affected organizations from mid to late 2015.
Numerous Victims Attacked
The malware has affected the following victims: a large Polish retailer, a Polish shipping company, a Polish national institution, a Polish information technology organization, a Danish building company, and a French optical equipment provider.
Chomikuj.pl, a Polish file sharing web service, downloaded most of the PWOBot samples. The following URLs have provided PWOBot copies.
Read more ... source: TheBitcoinNews