The cyber-crooks are using NSA hacking tool for infecting Windows PC with a new cryptocurrency miner. The Russian anti-virus vendor Dr. Web detected the related Trojan last week that has generic name as Trojan.BtcMine.1259. A NSA implant named as DOUBEPULSAR is used by the Trojan to infect computer that run unsafe SMB services. Now, the cyber-crooks can execute malicious code in the PC from backdoor. The crooks use DOUBLEPULSAR in order to download generic loader on targeted devices. The malware loader checks the uses PC for minimum kernel threads amount. Based the available PC resources, the generic loader downloads the cryptocurrency miner payload.