
Cryptocurrency botnets are sneaking into some company computers causing disruptions


This article was originally written by Rehoo Team Leery; reproduction without permission is prohibited.


A massive cryptocurrency mining botnet has generated $3.6 million worth of digital coins since last May, a researcher said on Wednesday. The unexpected haul isn't the only thing of interest about the botnet. Known as Smominru, it infected 526,000 computers and is also notable for its operators' ability to withstand takedown efforts by whitehats.

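A researcher using the pseudonym Kafeine wrote in a blog post published by security firm Proofpoint: "Because Bitcoin has become so resource-intensive to mine outside of dedicated mining farms, interest in Monero has increased dramatically. While Monero cannot be mined effectively on desktop computers, a distributed botnet like the one described here can bring its operators substantial profits."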


Like the cryptocurrency mining botnets Adylkuzz and Zealot, Smominru uses powerful attack code developed by the National Security Agency and later published online by a website calling itself Shadow Brokers. Like Zealot, Smominru uses other attack techniques to infect target computers, but in some cases it may fall back on the NSA-developed EternalBlue, presumably to propagate from machine to machine within an infected network or when a machine is missing the patch. Smominru also uses the Windows administration interface. Proofpoint said the botnet could also have a severe performance impact on the business networks it infects by slowing down servers and raising power costs.

Kafeine said Proofpoint collaborated with other researchers to seize the domains that control Smominru. They also reported the illegal activity to MineXMR, the Monero mining pool to which the botnet subscribes. The Smominru operators got back into the botnet by registering new domains and new addresses for MineXMR, even though the operators may have lost control of more than a third of the botnet.

Earlier this week, researchers from security firm CrowdStrike released their own report on a botnet similar to Smominru. Named WannaMine, it also mines Monero and uses EternalBlue. A CrowdStrike spokesperson said company researchers believe WannaMine is different from Smominru. The botnet contacts different mining pool addresses and hosts its command-and-control servers with different providers, the researchers said.


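Another similarity between WannaMine and Smominru is the disruptive effect they have on the machines and networks they infect. Company researchers wrote: "CrowdStrike has recently observed several cases where mining has impacted business operations, leaving some companies unable to operate time and again. These tools have caused systems and applications to crash because of high CPU utilization."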

