Crypto Miner Malware

Does Sophos remove crypto miner malware (such as XMRig)? Can someone provide a list of crypto miner malware that Sophos can handle and remove?



This thread was automatically locked due to age.
  • Hello Shridhar Bharthulwar,

    In what way would such a list be of help? And are you asking specifically about removal?

    Malware specific detections for miners (like XMRig) are usually not classified as malware even though the miners "steal" resources. Most of them aren't delivered by some malicious act but deliberately run by users. Thus they are among Adware and PUAs; a scheduled scan is required to remove them (though they are blocked by On-Access scanning).
    "Sneakily" running miners are in the Virus/Spyware category, detections are "semi-generic" (like Troj/Miner-XX), or generic (Mal/Generic-S), there are rarely monikers. Many can be automatically cleaned up or removed.

    Christian 

  • Pretty silly for a list of all things Sophos can detect and all things it can't to be out there.

    Respectfully,

    Badrobot


  • Hi  

    Thank you for your post. As suggested by Christian, miners are not necessarily malware unless they are used without authorization and undesirably. So we categorize these miners under PUA as given here. Sophos would detect these applications as a PUA. We do not host a publicly available list of miners we detect, although we will be glad to assist you with information on any specific variant which you doubt Sophos has a signature for (although we capture a huge number of malware based on their behavior as well, over traditional signature-based detection).

    Regards,

    Adithyan Thangaraj
    Community Support Engineer | Sophos Technical Support
