Cryptomining malware Vivin has been watched closely by researchers over the past few years. What they’ve noticed is that the malware has switched its tactics to be able to adapt to the ever-changing cryptocurrency market. The Monero cryptocurrency is its favorite target and it continuously changes wallets in an effort to attract the least amount of attention possible. Recently, Vivan has been found embedded in pirated software and games. When one of the pirated software products is installed on a computer, it will be infected with Vivan. The threat actor behind Vivin has not been careful to cover their tracks, which gives researchers reason to believe that Vivan will continue to operate. Researchers made this statement, “The length of historical activity by Vivin, the multitude of wallets and malware execution infrastructure, and the actor’s somewhat flippant attitude towards operational security suggest that the Vivin will attempt to continue their operations for the foreseeable future.”