The SANS ISC shares a new design for Cryptocurrency miners, which use 50 percent less CPU. This change allows them to run more transparently, where this malware is less likely to be detected by users.

Cryptominers are still all the rage. I really wish that attackers would actually come up with a new scheme to make money so life will be more interesting. But then again, sometimes it is nice if security is a bit boring and not too exciting. The latest cryptocoin miners I have seen try to make it a bit more difficult to detect them by being less greedy and not asking for all the CPU cycles at once. They also take better advantage of some newer CPU features like AES support. This particular sample starts out, like so many of them, with a Struts exploit. I highlighted the “interesting” part in red below.