1. Symantec/
  2. Security Response/
  3. Attack Signatures/
  4. System Infected: Miner.Bitcoinminer Activity 13

System Infected: Miner.Bitcoinminer Activity 13

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects PUA.Coinminer activity on the infected machine.

Additional Information

PUA.Coinminer is a detection for a file based cryptocurrency miner that runs on your system. These miners consumes enormous CPU resources, making computer use sluggish. If you haven't downloaded the file it may be brought onto your system through various sources like bundled in PUA, Exploitation etc. If you find this signature hitting its expected that a miner is hosted on your system.

Affected

  • Windows 2000, Windows 7, Windows NT, Windows Server 2003, Windows Server 2008, Windows Vista, Windows XP, MAC and Linux platforms.

Response

PUA.Coinminer is a detection for a file based cryptocurrency miner that runs on your system. These miners consumes enormous CPU resources, making computer use sluggish. If you havent downloaded the file it may be brought onto your system through various sources like bundled in PUA, Exploitation etc. If you find this signature hitting its expected that a miner is hosted on your system.


If you are a Norton user and wish to allow mining onto your system, please go through the exclusion process listed at https://support.norton.com/sp/en/us/home/current/solutions/v1224806_ns_retail_en_us to exclude the Intrusion Prevention detection mining activity.

If you are an Enterprise Product user, please go through the exclusion process listed at https://support.symantec.com/en_US/article.HOWTO80883.html to exclude the Intrusion Prevention detection.
  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube