Hi,
I run a computer facility with internet access.
Recently I found out that many of my computers had CPU miners running and mining for the same wallet address.
I know how to stop all those processes and clean up my system.
1. But I want to know if it is possible to trace the person who put the programs in the machines.
I see the miner exe file and a batch file to execute the exe with a wallet address. Is there anything I can do with this?
2. Also I want to know how to find out if this happens again. (Since I have good machines, I couldn't really tell any speed compromise because of the miners. This time I accidentally opened task manager and found these processes hogging up my CPUs.
But I can't keep doing this every time on every machine.)
Thank you
It's hard to trace to trace unless you have quite good knowledge on programming.It may have gotten into your system by any means Internet being the first.Somebody might have installed a program that had the miner program attached.Miner malwares are as low as 10 KiB in size and are hidden and encrypted not to get detected by antiviruses.