Takshostminer
Trojan | 06/05/2018

Takshostminer: A Trojan disguised as a game plug-in

About: TaksHostminer is a pernicious Trojan designed by cyber criminals to steal sensitive user information. To gain entry to the system, the malware is disguised as a plugin made exclusively for games, tricking the user into downloading and installing it.


What is TaksHostMiner?

TaksHostMiner is a crypto-miner Trojan that seeks back-door entry to attack the targeted system or network. The Trojan relies on game plugins that arouse no suspicion and infects the system when the plugin is executed. It was recently discovered and is known to have infected thousands of computers in one day.

Once it has infiltrated a system, this malicious program is difficult to detect: the Trojan can end its own process when the user opens Task Manager or otherwise tries to monitor CPU usage, and then reappear later.

The Trojan mainly targets information stored on the hard drive, whether the OS loader or user-specific files. It was designed by cyber criminals to destroy OS loaders and to remotely access and steal sensitive user information.

How does the Trojan invade the system?

Trojans are disguised as important software programs to deceive the user, and Takshostminer is no exception.

Disguised as a game-cracking plugin, the Trojan lures users into installing it on their systems. To unlock a game or its various stages, game enthusiasts are prompted to download the various plugins available online. In their haste they do so without going through the security documents, and so end up installing this vicious OS infection, which decompresses itself when the plugin is executed.

The Trojan is also bundled with the payload files of various game applications. This is not disclosed to the user unless the user chooses the advanced settings when installing the application. Custom settings give the user the transparency to choose which additional software to keep from the main installation and which to leave out.

How is Takshostminer dangerous?

Once it has infiltrated a system, this pernicious infection keeps an eye on user activity to access the user's personal information, such as passwords, banking information, email ID, credit card numbers, etc.

If Task Manager or related programs are run, the malware kills its mining process to avoid detection and restarts the malicious activity later, when the program is closed. In addition, the Trojan hides its files and folders in the log files to avoid being observed.
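The hide-and-return behaviour described above leaves a recognisable pattern in process start/stop records such as those produced by Windows process auditing. The following Python code is an added example, not part of the original article: it flags any process that exits within seconds of a monitoring tool opening and comes back within seconds of it closing. The event tuples, the `plugin_helper.exe` name, the list of monitoring tools and the 10-second window are all constructed assumptions.

```python
from collections import defaultdict
from datetime import datetime, timedelta

MONITORS = {"taskmgr.exe", "perfmon.exe", "procexp.exe"}  # assumed monitoring tools
WINDOW = timedelta(seconds=10)                            # assumed reaction window

# Constructed sample events (timestamp, action, image); not real telemetry.
# "plugin_helper.exe" is a hypothetical name for the hiding process.
SAMPLE_EVENTS = [
    ("2018-05-06 10:00:00", "start", "plugin_helper.exe"),
    ("2018-05-06 10:05:00", "start", "taskmgr.exe"),
    ("2018-05-06 10:05:02", "stop",  "plugin_helper.exe"),
    ("2018-05-06 10:05:30", "start", "notepad.exe"),
    ("2018-05-06 10:06:00", "stop",  "taskmgr.exe"),
    ("2018-05-06 10:06:05", "start", "plugin_helper.exe"),
    ("2018-05-06 10:07:10", "stop",  "notepad.exe"),
    ("2018-05-06 10:20:00", "start", "taskmgr.exe"),
    ("2018-05-06 10:20:03", "stop",  "plugin_helper.exe"),
    ("2018-05-06 10:21:00", "stop",  "taskmgr.exe"),
    ("2018-05-06 10:21:04", "start", "plugin_helper.exe"),
]

def find_evasive_processes(events, min_cycles=2):
    """Return {image: cycles} for processes that exit right after a monitoring
    tool opens and restart right after it closes, at least min_cycles times."""
    parsed = sorted((datetime.strptime(ts, "%Y-%m-%d %H:%M:%S"), action, image.lower())
                    for ts, action, image in events)
    cycles = defaultdict(int)
    opened_at = None   # start time of the monitoring session in progress
    closed_at = None   # end time of the most recent monitoring session
    hid = set()        # images that exited just after the monitor opened
    for when, action, image in parsed:
        if image in MONITORS:
            if action == "start":
                opened_at, closed_at, hid = when, None, set()
            else:
                opened_at, closed_at = None, when
        elif action == "stop" and opened_at and when - opened_at <= WINDOW:
            hid.add(image)
        elif (action == "start" and closed_at
              and when - closed_at <= WINDOW and image in hid):
            cycles[image] += 1      # one full hide-and-return cycle observed
            hid.discard(image)
    # One coincidental exit is common; require the cycle to repeat.
    return {image: n for image, n in cycles.items() if n >= min_cycles}
```

Requiring the cycle to repeat keeps a process that merely happened to exit while Task Manager was opening from being flagged.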

Preventive steps to prohibit the entry of the Trojan in the system

Since the virus is able to hide or kill itself to prevent detection, it is difficult to remove once it has infiltrated a system. It is therefore strongly recommended to follow preventive steps that block its entry. One way to do this is to keep antivirus software enabled while installing new applications.

It is also advised to be vigilant while installing third-party applications to prevent the infection from entering the system.

To remain protected and avoid such infections, keep your operating system updated by enabling automatic updates on your system. Systems with outdated or older versions of the operating system become an easy target for attackers.

Threat Summary

Name: TaksHostMiner

Browsers Affected: Internet Explorer, Google Chrome, Microsoft Edge and Firefox

Targeted Operating System: Windows

Category: Trojan

Symptoms: Unnatural network activity, slow and unusual computer behavior. The Trojan operates silently in the background to steal sensitive user information from the system.

Steps to prevent the infiltration of TaksHostMiner Trojan in the system

Reboot your system to safe mode with networking

To restart a system that is already switched on into Safe Mode with Networking, follow the steps below:

Windows 7/ Vista/ XP

  1. Click on Windows icon present in the lower left corner of the computer screen.
  2. Select and click Restart.
  3. When the screen goes blank, keep tapping the F8 key until you see the Advanced Boot Options window.
  4. Using the arrow keys on the keyboard, select the Safe Mode with Networking option from the list and press the Enter key. The system will then restart to Safe Mode with Networking.
  5. Click on the username and enter the password (if any).

Windows 10 / Windows 8

  1. Press and hold the Shift Key and simultaneously click on the windows icon present in the lower left corner of your computer screen.
  2. While the Shift key is still pressed click on the Power button and then click on Restart.
  3. Now select Troubleshoot → Advanced options → Startup Settings.
  4. When the Startup Settings screen appears which is the first screen to appear after restart, select and click on Enable Safe Mode with Networking. The system will then restart to Safe Mode with Networking.
  5. Click on the username and enter the password.

Update your system software

Windows 7

  1. Click on the Windows icon present in the bottom left corner of the task bar to open up the Start menu.
  2. Click on the ‘Control Panel’ button in the Start menu. This will open the control panel dialog box.
  3. In the Control Panel dialog box, click on the ‘View by:’ dropdown at the top right corner of the dialog box and select Large Icons.
  4. Click on the “Windows Update” link.
  5. After Windows Update opens, click “Check for Updates” button.
  6. Once Windows finishes checking for updates, click the “Install now” button.
  7. When the updates have finished installing, restart your computer (if prompted).

Windows 10

  1. Click on the Search Box and type “Update” (you can also press Windows key + Q to bring up the search bar; this shortcut launches the search function on your system). Windows Update Settings should appear in the results list. Click on it to launch the program.
  2. Check the Update Status. If Windows Update says your device is up to date, you have all the updates that are currently available. For more info about updates, click on View installed update history.
  3. Once the system software is updated, click on the Restart Now button to install the updated software.

Protect your system with Windows Defender

Windows 7

  1. Click on the Windows icon present in the bottom left corner of the task bar to open up the Start menu.
  2. Click on the ‘Control Panel’ button in the Start menu. This will open the control panel dialog box.
  3. In the Control Panel dialog box, click on the ‘View by:’ dropdown at the top right corner of the dialog box and select Large Icons.
  4. Click on the Windows Defender icon. This will open the Windows Defender dialog box.
  5. Click on the ‘Check for updates now’ button. It will check for updated definitions before scanning the system.
  6. Once Defender is updated, click on the Scan Now button.
  7. This will take some time to scan the system for threats.
  8. Once the scanning is complete and no threats are found you will be notified with a message ‘No unwanted or harmful software detected’ in a Green Bar.
  9. If threats are found, you are recommended to use an antivirus to keep your system risk free.

Windows 10

  1. Click on the Search Box and type “Defender” (you can also press Windows key + Q to bring up the search bar; this shortcut launches the search function on your system). Windows Defender Settings should appear in the results list. Click on it to launch the program.
  2. In the Defender window, click on the Open Windows Defender Security Center button. This will launch the Windows Defender Security Center window.
  3. Click on the Virus & Threat Protection icon in the Windows Defender Security Center window.
  4. In the Virus & Threat Protection window that appears, click on the Quick scan button. This will scan the system for viruses and other threats.
  5. The system scan will take some time. Once the scanning is complete and no threats are found, you will be notified with a message pop-up at the bottom right corner of the window: ‘No threats were found’.
  6. If threats are found, you are recommended to use an antivirus to keep your system risk free.
