
New Monero-mining cryptojacking botnet discovered

A new botnet that secretly mines Monero (XMR) cryptocurrency has been infecting systems since March this year.

Thu, 23 Jul 2020, 12:57 pm UTC

A new type of cryptocurrency-mining botnet that has been silently spreading across networks in recent months was recently discovered by researchers. The botnet propagates by employing multiple methods, which include exploiting SMB vulnerabilities.

The new cryptojacking botnet was discovered by researchers at Cisco Talos, according to ZDNet. The researchers, who named the malware Prometei, added that it has been infecting networks since March this year.

The Prometei malware’s goal is to enslave as many systems as it can to increase the yield of its clandestine mining activities. According to BleepingComputer, the cryptojacking botnet is programmed specifically to mine the Monero (XMR) cryptocurrency.

One characteristic that sets the Prometei malware apart is that it uses a modular system as well as a variety of techniques to infect target networks and hide its presence from users. It starts by attempting to compromise a computer through vulnerabilities in the Windows Server Message Block (SMB) protocol, such as EternalBlue.

Prometei also has a module designed to steal passwords, a modified version of Mimikatz. Combined with brute-force methods, it will scan, store, and test stolen credentials. Passwords are also sent to the operator’s C2 server so they can be reused by “other modules that attempt to verify the validity of the passwords on other systems using SMB and RDP protocols.”

Another thing that sets Prometei apart from its cryptojacking malware peers is that it also includes analysis-evasion and anti-detection features. Its maker or makers configured it in such a way that later variants of the bot become more complex compared to their predecessors.

Later versions of the main module spread using various names, making them difficult for researchers to detect. “In addition to making manual analysis more difficult, this anti-analysis technique also avoids detection in dynamic automated analysis systems,” Cisco Talos’ Vanja Svajcer wrote.

Researchers were able to detect a total of 15 executable modules from the Prometei botnet, which can be divided into two groups. Those involved in the actual cryptocurrency mining were coded using C++ while the rest, such as modules involved in the abuse of SMB, obfuscation, and credential theft, were based on .NET.

Researchers estimate that the number of infected systems worldwide is in the “low thousands” with average earnings per month at around $1,250. “Although earnings of $1,250 per month doesn't sound like a significant amount compared to some other cybercriminal operations, for a single developer in Eastern Europe, this provides more than the average monthly salary for many countries,” Talos said.

TokenPost | [email protected]

<Copyright © TokenPost. All Rights Reserved. >
