Avast has found a targeted attack on a small US federal government commission. Despite the fact that they did not cooperate with us, we were able to analyze two files involved in this attack.
CoinHelper is a family of AutoIt droppers which provides a massive coinmining campaign. The malware is being spread in a form of a bundle with another software, being it game cheats, cracked software, or even clean installers such as Google Chrome, Microsoft Office, AV products, and many others.