Researchers Disclose Bot in Disguise Mining Crypto and Stealing User Data

Threat intelligence research team Cisco Talos has discovered a cryptocurrency mining botnet dubbed Prometei. The actor’s main purpose is to use victims’ computer systems to mine Monero (XMR). Another possible goal is to steal Bitcoin (BTC) wallets that might be protected by passwords stolen with the open-source tool Mimikatz. Once installed and launched, the malware not only disguises itself as other programs to set up hidden mining operations but also allows the attacker to control the infected system and copy files. The analysts also identified attempts to steal administrator passwords. The report explains:

“The infection starts with the main botnet file which is copied from other infected systems by means of SMB, using passwords retrieved by a modified Mimikatz module and exploits such as Eternal Blue. The actor is also aware of the latest SMB vulnerabilities such as SMBGhost, but no evidence of using this exploit has been found.”

Prometei has been active since early March. The researchers noted that the botnet’s earning potential is relatively small: over the past four months it has made just under $5,000, or $1,250 per month on average. Cisco Talos believes that the botnet was created by a professional developer from Eastern Europe, although the attacker could not be identified.

Illegal crypto miners are on the rise

As forklog.media reported in May, the first quarter of last year saw the emergence of new families of cryptojacking—a scheme to illegally use users’ devices to mine cryptocurrencies—targeting Windows and Apple devices. Per the McAfee Labs Threats Report released in August 2019, the volume of cryptojacking campaigns targeting victims’ computers to mine cryptocurrencies had continued to grow, increasing by 29% by that time. As reported by Check Point Software Technologies, 2019 saw 38% of companies worldwide impacted by illegal cryptocurrency miners because their use remains a low-risk and high-reward activity for criminals.

Source: https://forklog.media/researchers-disclose-bot-in-disguise-mining-crypto-and-stealing-user-data/
