May 3, 2024

Hidden Monero mining. Cisco has discovered a new botnet

Cisco Talos has discovered a botnet that has been active for months and has infected more than 5,000 computers to covertly mine the privacy-focused cryptocurrency Monero.

In its report, Cisco Talos, a cybersecurity analysis firm that is part of tech giant Cisco Systems, said it had discovered a botnet called Prometei that had been active for months.

The botnet can disable security controls, copy important files and disguise itself as other programs to set up hidden mining operations on computer systems. New tools also keep appearing on the network to help the botnet avoid detection.

Researchers believe that since it began operating in March, the botnet has infected 1,000 to 5,000 computer systems. According to analysts, Prometei has already earned its owner the equivalent of $5,000 in XMR. Cisco Talos has not identified the hacker, but suggests it is a professional developer based somewhere in Eastern Europe.

Analysts also found that the botnet was stealing credentials such as administrator passwords, possibly for sale on the darknet.

In May, hackers attacked several supercomputers in Europe to mine Monero. The supercomputer clusters had to be shut down so the incidents could be investigated.

In addition, in April, the Slovak antivirus company ESET announced that it successfully counteracted a botnet of 35,000 computers in Latin America that mined XMR.

At the beginning of the year, Alien Labs, a division of the telecommunications company AT&T, analyzed the spread of hidden Monero-mining malware that is injected into mail servers.
