A report from cyber-security firm ESET confirms that over 35,000 computers have been infected with crypto-mining malware since June 2019. The attackers targeted Windows computers, with over 90% of the detected computers located in Peru, South America.
‘Monero (XMR) the most commonly mined crypto’
According to the hacking news outlet The Hacker News, the crypto-mining botnet, named “Victory Gate”, spread over Latin America in the early days of 2019. Since May 2019, the malware has spread to over 35,000 Windows computers, enrolling them in a crypto-mining botnet. Unsurprisingly, the most prevalent coin being mined on these computers is the privacy-focused Monero (XMR).
How do users get infected?
According to the report, most of the victims were infected via removable devices such as USB drives, which install a malicious payload on the system. Once installed, the botnet can issue different commands to the node. The report reads,
“It has been active since at least May 2019 and, since then, three different variants of the initial module have been identified, in addition to approximately 10 secondary payloads that are downloaded from file hosting websites.”
Other cryptocurrencies could also have been mined in the process given the attacker was able to issue commands to the nodes to download and execute new secondary payloads. Luckily, ESET was able to detect and remove a portion of the crypto-mining malware from these computers earlier this month.
Over 2000-3000 computers mined Monero
The ESET team observed that, on average, close to 2000-3000 computers were mining XMR in the background each day. This totaled about $6,000 in XMR mined through this botnet.
“If we estimate an average hash rate of 150H/s, we could say that the authors of this campaign have collected at least 80 Monero (approximately $6000) from this botnet alone.”
Despite ESET's efforts to remove the botnet from the computers, the cyber-security firm warns that new infections could still occur. Users have been urged to stay vigilant, as Victory Gate can re-infect computers that were not covered by ESET's ‘sinkholing’ project.