One 、 Family profile

With the gradual improvement of the value of open source digital cryptocurrency , Malicious mining viruses are emerging in endlessly . Compared with the open source currency of bitcoin series , Monroe coins are more anonymous and difficult to trace , Has become a new favorite of hackers . Now , Most known mining viruses use the Monroe coin miner to occupy the host resources of the victim to perform mining , 1. To obtain benefits .

among ,Kinsing The family mining virus has a fast iteration speed , Continuously integrate the latest attack methods , And continuously active delivery and dissemination , And it's getting a lot of attention .

Kinsing The mining family is also known as H2miner, yes MALXMR Another typical representative of the family . Due to its malicious miner release program, the file name is kinsing And get the name . The mining family can be traced back to 2019 end of the year , Attack based Linux Is known for its infrastructure systems , Include docker Container host 、redis etc. . In the process of development, attack methods are continuously increased , In order to infect more broilers . stay 2020 year 10 Month added a pair of Windows Platform support , So that the affected host range is expanded again . meanwhile . It also adds the function of deleting competitive mining program and task plan , To maximize the benefits of mining .

Kinsing The reason for the popularity also benefits from the development of cloud and container threats , And use  Go  Language （ also called  Golang） Compiling , This is one