A new botnet, Smominru that is focused on mining Monero cryptocurrency entrapped more than over 500,000 Windows machines all over the world. By hitting the majority of government and corporate servers, it gives a resemblance to the WannaCry attack last year that hit more than 400,000 machines worldwide.
Monero Mining Software hits 500,000 Machines
With the increasing rate of cryptocurrency related hacking incidents, a botnet called Smominru has sprung up and affected over 500,000 Windows-based computer systems to date. A sinkholing operation has been conducted by the security researchers that discovered the fact that these machines are distributed worldwide. The highest numbers are present in India, Russia, and Taiwan.
It has been believed that the majority of these affected computers are government and corporate servers. Moreover, the Monero miner also called Ismo has been spreading via EternalBlue, a National Security Agency-linked exploit that basically targets a vulnerability in the Server Message Block of Windows on port 445. That gives it a resemblance to other global attacks namely NotPetya and WannaCry.
The Monero payment address for Smominru’s associated hash powers divulges that the botnet here was about double the size of Adylkuzz. Adylkuzz is the first crypto mining botnet that abused EternalBlue.
Monero- a popular choice for hackers
It has been believed by the experts that this application could be making 24 Monero at maximum, per day. As per the reports, Smominru’s operators have already mined 8,900 Monero approximately that is somewhere between $2.8 million and $3.6 million.
Another mining server MineXMR was also contacted about the Monero address associated with Smominru. But the mining pool banned it. This led the botnet operators to work with new domains and use the same pool to mine but on a new address. It seems that this switch was the result of the operators losing control over the third bot.
As per a report:
“Because most of the nodes in this botnet appear to be Windows servers, the performance impact on potentially critical business infrastructure may be high, as can the cost of increased energy usage by servers running much closer to capacity. The operators of this botnet are persistent, use all available exploits to expand their botnet, and have found multiple ways to recover after sinkhole operations.”
According to the reports of a security firm Talos that has studied botnets in the past with millions of victims:
“Talos has observed botnets consisting of millions of infected systems, which using our previous logic means that these systems could be leveraged to generate more than $100 million per year theoretically.”
As more and more malwares are associated with it, it appears that Monero is the coin of choice for the hackers.
According to a report, there are millions of computers in Thailand and all over the globe that is currently being used to mine Monero through malware that too without the knowledge of the PC owners that are victimized.
What are your views on this situation? Do you think due to the pseudo-anonymous nature of cryptocurrencies, this will worsen over time? Let us know your thoughts in our comment section below!
- Donald Trump Shortlists Hassett, Warsh, and Waller for Fed Chair
- Ethena Labs Secures Fresh Funding From ArkStream Capital, ENA Price Spikes
- SEC Forms International Task Force to Crack Down on Pump-and-Dump Schemes
- Justin Sun Pledges $20M Buy Following WLFI Wallet Freeze
- Expert Blames ‘Secret Committee’ for Rejecting MSTR Stock Inclusion to S&P 500
- XRP Price Forecast: Analyst Eyes $127 as BlackRock Joins Ripple Swell 2025
- Chainlink Price Eyes $55 as Reserve Holdings Jump With 43,937 LINK Addition
- Cardano Price Targets 30% Surge as Top Economist Calls for Fed Cut
- ETH Price Forecast as Grayscale’s Covered Call Ethereum ETF Spurs Optimism — Is $8,500 in Sight?
- Bitcoin Price Prediction as SEC Unveils Agenda for Crypto Regulation — Is $200K Next?