What is Winlogson Cryptominer Malware?

Winlogson is the name of an executable file that comprises the payload of a cryptomining malware tool.

Winlogson is very obviously named the way it is to resemble the legitimate Winlogon process as closely as possible. Unlike Winlogon, the malware does nothing useful or productive for your system.

On the contrary, like all cryptomining malware, Winlogson will exert an extremely heavy load on all your hardware. The system's resources will be used to mine cryptocurrency of some kind, for the benefit of the malware's author. This behavior will shorten the lifespan of your hardware dramatically. As a result of the extreme CPU and GPU load, the system will generally become much slower and may even have periods where it appears frozen or crashing.

Cryptomining malware of this type should be removed from your system as soon as possible, both to help your system return to normal in terms of performance and to ease the stress on your hardware.

Sadly, in a lot of cases, pinning down the location of the executable related to the malicious process and deleting it may not be enough. More advanced cryptomining malware will have persistence mechanisms of some description and will usually take a robust anti-malware application to clean it completely.

August 29, 2022