CyberNews Briefs

Norman Cryptominer Employs Sophisticated Obfuscation Tactics

Security researchers with Varonis have spotted a sophisticated new strain of cryptomining malware that uses various obfuscation tactics in order to avoid detection. The researchers describe the cryptominer, dubbed “Norman,”  as “a high-performance miner for Monero cryptocurrency,” that distinguishes itself from other miners in the way it “employs evasion techniques to hide from analysis and avoid discovery.”

The rogue installation of Norman on a targeted system follows three stages, all of which involve obfuscation. Moreover, the malware adjusts its installation process based on the details it gathers about the underlying operating system. The researchers believe that Norman “possibly originated from France or another French-speaking country”  because the code contains comments in French.

Read more: Norman Cryptominer Employs Sophisticated Obfuscation Tactics

OODA Analyst

OODA Analyst

OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.