Copy link
Increase text size
Decrease text size
Link copied

New Monero-mining cryptojacking botnet discovered

A new botnet that secretly mines Monero (XMR) cryptocurrency has been infecting systems since March this year.

Thu, 23 Jul 2020, 12:57 pm UTC

A new type of cryptocurrency-mining botnet has been silently spreading across networks in recent months has been recently discovered by researchers. The botnet was able to propagate by employing multiple methods, which include exploiting SMB vulnerabilities.

The new cryptojacking botnet was discovered by researchers at the Cisco Talos, according to ZDNet. The researchers added that the malware, which was named Prometei by the researchers, has been infecting networks since March this year.

The Prometei malware’s goal is to enslave as many systems as it can to increase the yield of its clandestine mining activities. According to BleedingCompeter, the cryptojacking botnet is programmed to specifically mine the Monero (XMR) cryptocurrency.

One characteristic that sets the Prometei malware apart is that it uses a modular system as well as a variety of techniques to infect target networks and hide its presence from users. It starts by attempting to compromise a computer’s Windows Server Message Block (SMB) protocol via the block’s vulnerabilities such as Eternal Blue.

The Prometei also has a module designed to steal passwords, a modified version of Mimikatz. Combined with brute-force methods, it will scan, store, and test stolen credentials. Passwords are also sent to the operator’s C2 server so they can be reused by “other modules that attempt to verify the validity of the passwords on other systems using SMB and RDP protocols.”

Another thing that sets Prometei apart from its cryptojacking malware peers is that it also features analysis evasion and anti-detection features. Its maker or makers configured it in such a way that later variants of the bot become more complex compared to their predecessors.

Later versions of the main module spread using various names making it difficult for researchers to detect. “In addition to making manual analysis more difficult, this anti-analysis technique also avoids detection in dynamic automated analysis systems,” Cisco Talos’ Vanja Svajcer wrote.

Researchers were able to detect a total of 15 executable modules from the Prometei botnet, which can be divided into two groups. Those involved in the actual cryptocurrency mining were coded using C++ while the rest, such as modules involved in the abuse of SMB, obfuscation, and credential theft, were based on .NET.

Researchers estimate that the number of infected systems worldwide is in the “low thousands” with average earnings per month at around $1,250. “Although earnings of $1,250 per month doesn't sound like a significant amount compared to some other cybercriminal operations, for a single developer in Eastern Europe, this provides more than the average monthly salary for many countries,” Talos said.

TokenPost | [email protected]

<Copyright © TokenPost. All Rights Reserved. >

To leave a comment, please sign in.
  • Moses
  • 2020.07.31 00:17:58
I am a cryptocurrency trader and i make over 200% daily, If you are interested,i can teach you how to trade and also help you achieve your goal in life with crypto i can turn
$4500 into $35000 in less then four weeks,now that bitcoin has low prices...please note that cryptocurrency trading is bitcoin unlike binary and Forex,bitcoin is traded for altcoins also you can reach to me if you are new to bitcoin and to give you more info and guideline on how to invest smartly, this is opportunity life time knocking on your door inbox me for more info....contact me on whatsapp :+12067425358
  • 0
  • ·
  • 0
More
  • Bitcoin (btc) $34,714.00 (-4.30%)
  • Ethereum (eth) $2,128.43 (-5.76%)
  • Tether (usdt) $1.00 (+0.30%)
  • Binance Coin (bnb) $324.81 (-5.26%)
  • Cardano (ada) $1.38 (-3.74%)
  • Bitcoin (btc) $34,714.00 (-4.30%)
Jun 20, 2021 (Sunday)
14:11
BTC Surges by 1.01% Within 5 Mins, Marking 34,167.36 USDT
12:09
BTC Drops by 1.42% Within 5 Mins, Marking 33,515.6 USDT
09:53
BTC Drops by 1.13% Within 5 Mins, Marking 34,888.01 USDT
02:30
Crypto Market Sentiment On Jun 20: Market In "Extreme Fear"
02:00
BTC Tops List Of Crypto Net Outflow With $179.62 Mln In Past 10 Hours
00:07
BTC Drops by 1.16% Within 5 Mins, Marking 35,251.78 USDT
Jun 19, 2021 (Saturday)
19:23
BTC Surges by 1.05% Within 5 Mins, Marking 35,960.19 USDT
04:30
BTC Surges by 1.04% Within 5 Mins, Marking 35,392.4 USDT
03:31
BTC Drops by 1.06% Within 5 Mins, Marking 34,968.6 USDT
Jun 18, 2021 (Friday)
16:01
BTC Surges by 1.18% Within 5 Mins, Marking 36,474.01 USDT
06:51
CRYPTOBANK’s CBANK Token To Be Listed On Hoo.com
02:30
Crypto Market Sentiment On Jun 18: Market In "Extreme Fear"
02:00
BTC Tops List Of Crypto Net Outflow With $553.46 Mln In Past 10 Hours
Jun 17, 2021 (Thursday)
20:12
BTC Surges by 1.05% Within 5 Mins, Marking 37,733.19 USDT
17:21
BTC Drops by 1.16% Within 5 Mins, Marking 37,834.09 USDT
09:41
TriumphX Publishes NFT In Partnership With Artist HANJUNGSUN
02:30
Crypto Market Sentiment On Jun 17: Market In "Fear"
02:00
BTC Tops List Of Crypto Net Inflow With $233.17 Mln In Past 10 Hours
Jun 16, 2021 (Wednesday)
20:15
BTC Surges by 1.05% Within 5 Mins, Marking 38,856.33 USDT
18:01
BTC Drops by 1.21% Within 5 Mins, Marking 38,668.43 USDT
Subscribe to the TokenPost newsletter!
Don't show me this again today.
Back to top
Copyright ⓒ TokenPost. All Rights Reserved.
PUBLISHsoft