flash on Nostr: ⚡️⚠️💻 NEW - A certified browser distributed a crypto miner to its own ...
⚡️⚠️💻 NEW - A certified browser distributed a crypto miner to its own users.
Hola Browser users were in for a nasty surprise when they discovered that an official version of the Windows browser had distributed a hidden program capable of mining Monero without the owner’s knowledge.
The file, named me.exe, was not present in the software’s certified components and exhibited several red flags: obfuscated code, lack of a digital signature, and the ability to modify Windows security settings.
According to Sophos researchers, the program contained references to XMRig, one of the most well-known Monero mining software programs.
Once executed, it could exclude itself from Microsoft Defender scans, install itself as a Windows service, and discreetly use the PC’s resources during periods of inactivity to generate cryptocurrency.
The software came from the browser’s official distribution channel. The publisher states that a compromise of its distribution chain caused the incident and estimates that approximately 0.1% of users were affected.
Published at
2026-06-06 15:23:08 UTCEvent JSON
{
"id": "b009ec0cb906e7cf8aeef7c7219ab7ccc16ec98fef857272e9fa90555b74efb1",
"pubkey": "4d7842051782e0d3feb034d150adc2b6bae4ee3b49786793bffa468b6f5b96b3",
"created_at": 1780759388,
"kind": 1,
"tags": [
[
"imeta",
"url https://blossom.primal.net/94c2d5c29535ed1529746678b03dd1e7f834ed62c172cabb76fe444a8a8ff42f.jpg",
"m jpeg",
"dim 584.0x415.0"
]
],
"content": "⚡️⚠️💻 NEW - A certified browser distributed a crypto miner to its own users.\n\nHola Browser users were in for a nasty surprise when they discovered that an official version of the Windows browser had distributed a hidden program capable of mining Monero without the owner’s knowledge.\n\nThe file, named me.exe, was not present in the software’s certified components and exhibited several red flags: obfuscated code, lack of a digital signature, and the ability to modify Windows security settings.\n\nAccording to Sophos researchers, the program contained references to XMRig, one of the most well-known Monero mining software programs.\nOnce executed, it could exclude itself from Microsoft Defender scans, install itself as a Windows service, and discreetly use the PC’s resources during periods of inactivity to generate cryptocurrency.\n\nThe software came from the browser’s official distribution channel. The publisher states that a compromise of its distribution chain caused the incident and estimates that approximately 0.1% of users were affected.\nhttps://blossom.primal.net/94c2d5c29535ed1529746678b03dd1e7f834ed62c172cabb76fe444a8a8ff42f.jpg",
"sig": "34bef2e22c3b0f4322e18e81723ba34c4a2b1941a0900cac4358ad2e9469cb131ebf5ea4f495ef9763ba88e6e022368e4e3e380ff569418e2723ec96bccb8d8d"
}
