A coin-mining malware infection previously only seen on Arm-powered IoT devices has made the jump to Intel systems.
Akamai senior security researcher Larry Cashdollar says one of his honeypot systems recently turned up what appears to be an IoT malware that targets Intel machines running Linux.
In addition to being fine-tuned for Intel x86 and 686 processors, the malware looks to establish an SSH Port 22 connection and deliver itself as a gzip archive. From there, the malware checks to see if the machine has already been infected (at which point the installation stops) or if an earlier version is running and needs to be terminated. From there, three different directories are created with different versions of the same files.
Each directory contains a variation of the XMrig v2.14.1 cryptocurrency miner in either x86 32bit or 64bit format,