Criminals are infecting Windows machines with fileless malware that runs in memory, and puts the hijacked PCs to work on mining cryptocurrency. Two features in particular make this malware, known as Coinminer, “extremely stealthy and persistent”, according to malware researchers at Trend Micro. To infect Windows machine, it’s using the so-called EternalBlue vulnerability employed by WannaCry and NotPetya as a spreading mechanism. Microsoft released a patch for the flaw in March but a spate of infections in Asia, mostly in Japan, suggest some systems have not been updated.