- Trend Micro detects a web address that spread a botnet with a Monero mining component.
- The firm believes the malware is related to Outlaw Hacking Group.
The cybersecurity company Trend Micro says it has discovered a web address that is spreading a botnet featuring a Monero (XMR) mining component. The botnet was also bundled with a backdoor-based exploit. The information was released by Hard Fork a few hours ago.
New Monero Botnets Spread On The Internet
The Outlaw hacking group seems to be behind it. The firm is known for releasing another crypto mining botnet that was responsible for attacks similar to the one that is currently doing. As per the researchers behind this investigation, the hackers are still testing and developing their botnets.
The report released by Hard Fork explains that Trend micro identified a large number of scripts and files that were not used, even when they contained the malware. This shows that the hackers may be having them dormant until a future edition of the botnet is released.
Malware Still Might Be In Testing and Development Phase
In order for it to work, the botnet uses a brute force attack and also Secure Shell (SSH). This is in order to exploit and give attackers remote access to the system of the victims they have infected. With the access that the attackers had, the malware works by executing two commands, one that downloads and installs the crypto miner payload. If there are other malware installed, the malware will delete them and reduce the competition for the resources.
Trend Micro believes that the creators of the malware are still testing and developing the current malware. The firm has also detected some infection attempts in China. Monero is also the preferred choice of cryptocurrency for hackers all over the world. Indeed, the virtual currency allows them to protect their identities and the funds transacted. As Hard Fork reports, cryptojacking was generating over $250,000 per month in Monero.
Like what you read? Give us one like or share it to your friends