Receive all Cointelegraph news immediately in Telegram.
Cybersecurity researchers have discovered a new Monero-mining botnet malware that has infected over half a million PCs worldwide using Eternalblue, a leaked NSA exploit.
Cryptocurrency mining botnet malware Smominru has infected more than 526,000 computers using a leaked NSA exploit, The Hacker News reported yesterday, Jan. 31.
Software security researchers from cybersecurity company Proofpoint have detected a new global botnet called Smominru, also known as Ismo, that uses a National Security Agency (NSA) exploit EternalBlue to spread Monero mining malware.
The EternalBlue exploit was leaked by the so-called Shadow Brokers hackers who were reportedly also behind the 2017 widespread WannaCry ransomware threat, according to The Hacker News.
Proofpoint reported that the Smominru botnet has been infecting computers since May 2017, mining about 24 Monero coins per day. To date, the botnet has reportedly managed to mine about 8,900 Monero, or about $2.1 million at press time. The highest number of Smominru-infected PCs has been found in Russia, India, and Taiwan, researchers said.
According to Proofpoint, cybercriminals are targeting vulnerable version of Windows, also using a leaked NSA protocol exploit called EsteemAudit.
According to thehackernews.com, the experts also notified DDoS protection service SharkTech where Smominru’s command and control infrastructure has been detected, however, they didn’t get a response.
As Cointelegraph reported Jan. 28, a massive Monero-mining malware attack via online ads, mostly attributed to the controversial cryptocurrency mining and advertising platform Coinhive, has affected a huge number of users and online businesses worldwide, including Youtube.
Follow us on Facebook
For updates and exclusive offers, enter your e-mail below.
Thank you for contacting us! We will reply to you as soon as possible.
Thank you for your interest in our franchise program.
We are considering your request and will contact you in due course. If you have any further queries, please contact: