Bitcoin mining rigs have been on the lookout for ransomware removal strategies recently and this new threat has been surfacing mostly in China. Our best guess why China is being targeted is because it is a country where most of the global mining farms for cryptocurrency are situated.
‘hAnt’ Ransomware
This new strain of ransomware is being caked hAnt, and it had first surfaced in the August of 2018. This new threat, however, is the first time a large scale of infections have been noticed under this title and they’ve all been targeting bitcoin mining farms.
Most of these victim mining rigs were known to be using devices such as the Antminer Tg or Sg devices which are quite coming in the world of bitcoin mining. There have also been reports of some Antminer L3 devices being affected. For those who didn’t already know – L3 devices are used for Litecoin mining.
The Ransomware May Be Part of Mining Firmware
The ransomware removal experts are still unclear as to how the perpetrators got the ransomware into the mining firmware. This is exactly why they are not ruling out the possibility that these devices may have already been infected by the tainted versions of the same.
How the Ransomware Affects Devices
According to Chinese media sources, hAnt was found to infect mining rigs by locking them and then preventing them from mining any more currencies. All of this happens without the owner initially finding out. They do, however, get the message when they remotely access the device and find the hAnt warning that is depicted by a splash screen.
Does that remind you of a particular ransomware folks? Well the very first thing that came to our minds was the NotPetya ransomware. In this formidable form of ransomware, the splash screen was red and had a red skull.
The Ransom Note
When the hAnt ransom note is translated, it instructs the user to spread their infected machine and reach 1000 antminers. Once this has been verified by the system, then the ransomware will stop attacking the device. If this isn’t done, then the antminer’s overheat protection will be turned off and may result in burning the machine – and possibly the victim’s house as well!
Well, ransomware are now turning out to be life threatening as well. What’s next?
