Hi Experts,
We are having trouble with AutoIt-compiled Bitcoin mining programs used to drop malicious code. These codes are encrypted and are capable of bypassing common analysis tools/systems used by security researchers. We come across a large number of such malicious tools on public forums offering free premium accounts to online hosting services. If you happen to run one of these malicious programs under VMware, the malware won’t run and throws up an error message that looks like the one shown below. This looks genuine, and no one bothers to examine further, thinking there is a problem with the firewall settings. Can anyone suggest a method to check out this malware and a method to detect such tools in the future? Thanks in advance.
Connection failed: Can’t retrieve lastest premium accounts. Please check your Internet connection!
Make sure your Firewall doesn’t block DPA – Daily Premium Accounts!
AutoIt-compiled malicious Bitcoin mining programs
That is a misleading message that is only trying to persuade the user to allow the program to pass through the Windows Firewall because of the supposed error message which is actually not true. It only wants to make sure that the program can access or has full access in and out of the computer over the internet and this is very dangerous for your data.
Your only hope against these malicious codes is to use a dependable antivirus. One dependable antivirus application is Norton Internet Security. It has a built-in Smart Firewall that monitors online activities and prevents unauthorized access to and from the computer. It automatically detects and blocks online risks and threats, ensuring the security of your system.
You can download the latest version from Norton Internet Security 2014. This one has a free 30-day trial period so you will have plenty of time to test its effectiveness. It supports Windows XP, Windows Vista, Windows 7, and Windows 8. If you have this antivirus on your computer, you don’t have to install a separate firewall software because it might conflict with the operation since it already has a built-in firewall.
Once installed, update the antivirus and run a full system scan on your computer.
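For the detection half of the question, a triage sketch added here as an example (not code from the thread): it checks whether a file is a PE and whether it carries `AU3!EA06`, the marker the AutoIt v3 compiler writes ahead of the embedded script, and reports which section holds it. The function names and the sample bytes are constructed for this illustration.

```python
import struct

# Marker the AutoIt v3 compiler places in front of the embedded script.
AUTOIT_MARKER = b"AU3!EA06"

def pe_sections(data):
    """Return [(name, raw_offset, raw_size)] or None if data is not a PE."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return None
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        return None
    n_sections, = struct.unpack_from("<H", data, e_lfanew + 6)
    opt_size, = struct.unpack_from("<H", data, e_lfanew + 20)
    table = e_lfanew + 24 + opt_size
    sections = []
    for i in range(n_sections):
        off = table + 40 * i
        if off + 40 > len(data):
            return None  # truncated section table
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        raw_size, raw_ptr = struct.unpack_from("<II", data, off + 16)
        sections.append((name, raw_ptr, raw_size))
    return sections

def triage(data):
    """Return 'not-pe', 'pe', or 'autoit:<section name or overlay>'."""
    sections = pe_sections(data)
    if sections is None:
        return "not-pe"
    pos = data.find(AUTOIT_MARKER)
    if pos < 0:
        return "pe"
    for name, ptr, size in sections:
        if ptr <= pos < ptr + size:
            return "autoit:" + name
    return "autoit:overlay"  # marker lies outside every section's raw data

def constructed_pe(payload=b"", overlay=b""):
    """Constructed sample: a minimal, non-runnable PE-shaped byte string."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 0, 0x102)
    sect = b".rsrc\0\0\0" + struct.pack("<IIIIIIHHI", 0x200, 0x1000, 0x200, 0x200, 0, 0, 0, 0, 0x40000040)
    return (dos + coff + sect).ljust(0x200, b"\0") + payload.ljust(0x200, b"\0") + overlay

if __name__ == "__main__":
    print(triage(constructed_pe()))
    print(triage(constructed_pe(payload=b"\x00" * 16 + AUTOIT_MARKER)))
    print(triage(constructed_pe(overlay=AUTOIT_MARKER)))
```

A hit only shows the file was built with AutoIt, which legitimate tools also use, so treat it as a reason to examine a download further rather than a verdict. A packed or modified sample may not carry the marker.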