A global botnet dubbed “Smominru” has been secretly mining Monero on infected machines and making millions of dollars for its owners, according to research from Proofpoint. The operators have mined about 8,900 Monero valued at up to $3.6 million at a rate of 24 Monero ($8,500) per week. Researchers have watched the Smominru botnet spread since May 2017. Now including over 526,000 infected Windows hosts, Smominru uses EternalBlue, a Windows exploit developed by the NSA and leaked by the hacking group Shadow Brokers. The Smominru botnet’s command and control infrastructure is hosted behind SharkTech, a hosting and DDoS protection service, that reportedly ignored repeated abuse notification. SharkTech did not respond to a request for comment. “This Monero mining botnet is extremely large, made up mostly of Microsoft Windows servers spread around the globe,” Kevin Epstein, a vice president of threat operations at Proofpoint, said in a release. “Taking down the botnet is very difficult […]
The post Monero mining botnet ‘Smominru’ earns hackers $3.6 million appeared first on Cyberscoop.
Continue reading Monero mining botnet ‘Smominru’ earns hackers $3.6 million→