Trojan.BitCoinMiner

Classification

Category :

Malware

Type :

Trojan

Aliases :

Trojan.BitCoinMiner.[variant]

Summary

Trojan.BitCoinMiner identifies a program that either silently installs, or functions as, a specialized mining program (miner) and uses the computer's physical resources (memory, processing power, etc) to generate units of a virtual or digital cryptocurrency.

Removal

Based on the settings of your F-Secure security product, it will either move the file to the quarantine where it cannot spread or cause harm, or remove it.

A False Positive is when a file is incorrectly detected as harmful, usually because its code or behavior resembles known harmful programs. A False Positive will usually be fixed in a subsequent database update without any action needed on your part. If you wish, you may also:

  • Check for the latest database updates

    First check if your F-Secure security program is using the latest updates, then try scanning the file again.

  • Submit a sample

    After checking, if you still believe the file is incorrectly detected, you can submit a sample of it for re-analysis.

    Note: If the file was moved to quarantine, you need to collect the file from quarantine before you can submit it.

  • Exclude a file from further scanning

    If you are certain that the file is safe and want to continue using it, you can exclude it from further scanning by the F-Secure security product.

    Note: You need administrative rights to change the settings.

Technical Details

About trojans

A trojan is usually deliberately designed by its author to appear authentic and attractive. For example, it may appear to be a screensaver, a service pack, an application update and so on. Once installed or opened, the trojan may perform its promised function, or display a decoy document to distract the user. In the background however, it also silently performs unauthorized actions (its payload), without the user's knowledge or consent.

Programs identified as Trojan.BitCoinMiners can either function as a miner, or install a separate component that can do so. Malware that use miners as part of their payload are essentially hijacking a user's resources to create cryptocurrency units for the malware author's benefit.

About cryptocurrency mining programs

A cryptocurrency is an anonymous, decentralized form of digital currency, which can be used online as a medium of exchange much like traditional, physical currencies. Multiple cryptocurrencies exist, such as BitCoin, Ethereum and Monero.

Cryptocurrency units can be created by any user with specialized mining programs or miners that run the necessary mathematical calculations. Examples of mining programs include Coinhive, Cryptoloot, Electrum, Hashflare and MinerGate, though there are dozens of other similar programs available online.

The 'crypto' part of the term refers to the use of cryptography both for creating the currency units and for securing transactions made with the units. Because of the anonymity provided by cryptocurrency, its legality and acceptance varies considerably between countries.