May 30, 2026
C2 Hosts: 9
xmrig
According to PCrisk, XMRIG is a completely legitimate open-source application that utilizes system CPUs to mine Monero cryptocurrency. Unfortunately, criminals generate revenue by infiltrating this app into systems without users' consent. This deceptive marketing method is called "bundling".
In most cases, "bundling" is used to infiltrate several potentially unwanted programs (PUAs) at once. So, there is a high probability that XMRIG Virus came with a number of adware-type applications that deliver intrusive ads and gather sensitive information.
C2 Infrastructure
Hosting/VPS 84%
Unknown 11%
Business 3%
sinkhole 3%
Last 7 days
May 29, 2026
C2 Hosts: 32
May 28, 2026
C2 Hosts: 1
May 27, 2026
C2 Hosts: 2
May 26, 2026
C2 Hosts: 1
May 25, 2026
C2 Hosts: 1
May 24, 2026
C2 Hosts: 13
| Date | C2 Hosts |
|---|---|
| May 30, 2026 | 9 |
| May 29, 2026 | 32 |
| May 28, 2026 | 1 |
| May 27, 2026 | 2 |
| May 26, 2026 | 1 |
| May 25, 2026 | 1 |
| May 24, 2026 | 13 |
Further Reading
XMRig Miner Malware Analysis 2026: Understanding Threats
XMRig Miner is a legitimate program for mining the Monero (XMR) cryptocurrency, but it is often used by attackers as malware. XMRig is usually distributed without the user's consent and is configur...
gridinsoft.com
Unpacking the unpleasant FIN7 gift: PackXOR
Discover our detailed analysis of PackXOR, a private packer linked to FIN7's AvNeutralizer tool, with insights into its usage and unpacking.
harfanglab.io
New Kiss-a-dog Cryptojacking Campaign Targets Docker and Kubernetes
CrowdStrike has identified a new cryptojacking campaign, called “Kiss-a-dog,” which has been observed targeting vulnerable Docker and Kubernetes infrastructure.
crowdstrike.com