Virtual currency mining has led to a surge in viruses over the past few years. Today’s viruses infect computers and then use the processing power of those computers to mine Bitcoin, Litecoin, Dogecoin, and other virtual currencies.
Facebook’s security team recently discovered a virus called Lecpetex which infected over 250,000 computers around the world. Approximately 50,000 Facebook accounts were reportedly infected by the virus, with the majority of uses coming from Greece, Poland, Norway, India, the United States, and Portugal.
Fortunately for Facebook users, the Greeks who created the virus were recently arrested.
The arrest, however, was not easy. Over the past few months, the creators of the Lecpetex virus have reportedly “taunted” Facebook security specialists by leaving messages on Facebook’s secure services.
Between December 2013 and July 2014, the Lecpetex virus was responsible for approximately 20 spam campaigns you may have seen on Facebook.
Each spam campaign worked on a similar principle: users would receive private messages with a downloadable .zip attachment. That .zip file would contain a Java JAR file or Visual Basic script, and those scripts would be used to download more malware from other sites.
The malicious attachments constantly changed to avoid developing an identifiable security pattern. The malware code itself was also regularly updated to avoid detection by antivirus software.
Both of these traits made Lecpetex incredibly difficult to track and shut down. Facebook security researchers eventually contacted Greece’s Cybercrime Subdivision, which made two arrests within weeks.
It looks like the Lecpetex virus is dead in the water for now, but it’s only a matter of time before a new virtual currency mining virus appears to take its place.
If you’re reading FixMyPCFree.com, then I assume you’re smart enough to NOT download .zip files from anywhere on the internet but the most reputable sources. If someone sends you a .zip file on Facebook, you should absolutely not download that file.