Cryptocurrency miners now possess process-killing   function to kill processes which consumes the CPU processing power.

Since majority of cyber-attackers are now focused on cryptocurrency, every device that has computing power is now a target of malware propagation.  Different kinds and methods of cryptocurrency-mining emerged such as smartphone miners, NSA tool-powered miners, and even nuclear facility miners.   All these schemes are effective in their own ways, and are gradually making innovations through time.

Recently, it was discovered that newly-engineered crypto-mining malware have the capability to kill processes that consume the computing power of the target system.  Included in the code of the crypto-mining malware is a kill list consisting of processes that might hinder the mining process consumption.  The list includes some Operating system processes, as well as known processes from other cryptocurrency-miners to ace the competition.

The following is the list of some of the processes included in the kill list:

  1. Silence
  2. Carbon
  3. xmrig32
  4. nscpucnminer64
  5. mrservicehost
  6. servisce
  7. svchosts3
  8. svhosts
  9. system64
  10. systemiissec
  11. taskhost
  12. vrmserver
  13. vshell
  14. winlogan
  15. winlogo
  16. logon
  17. win1nit
  18. wininits
  19. winlnlts
  20. taskngr
  21. tasksvr
  22. mscl
  23. cpuminer
  24. sql31
  25. taskhots
  26. svchostx
  27. xmr86
  28. xmrig
  29. xmr
  30. win1ogin
  31. win1ogins
  32. ccsvchst
  33. nscpucnminer64
  34. update_windows

Although the process-killing capability of the crypto-mining malware will make the miner more effective, the function is quite advantageous to the infected system.  Primarily, the malware is easily detectable since it is noticeable that some windows processes are terminated without the user interaction.  Second, security researches can utilize the same code used in the malware to develop defensive applications which can auto-kill processes coming from crypto-mining malware.


Manny Cuevas

My name is Manny Cuevas a Security Researcher / Engineer for about 15 years that focuses on Web and Mobile applications and other platforms from the Island of Sulu, Philippines. I’m also a scientist, inventor and a top ranked hacker in the world that bypass all security systems.


Leave a Reply

Your email address will not be published. Required fields are marked *