
Cryptocurrency Mining Smominru Botnet Infected more than 500,000 Windows Machines

CyberWisdom Safe Harbor Commentary on Smominru:

A must-read story from gbhackers.com reports that security researchers from Proofpoint discovered Monero miners that spread using the notorious EternalBlue exploit. The attackers use a persistent botnet dubbed Smominru to spread the infection through all possible exploits.

The year 2017 is well known for ransomware, data breaches, and hacking attacks targeting cryptocurrency exchanges. In 2017, the WannaCry ransomware used the same EternalBlue exploit on some Windows machines.

Mining cryptocurrencies legitimately is a resource-intensive process, so attackers demand ransom payments and infect other computers to mine cryptocurrencies.

Attackers even now abuse Google’s DoubleClick ads to run malvertising campaigns on high-traffic sites that run Coinhive miners and other web-based miners, connected to some private tools.


The botnet was discovered at the end of May 2017. The miner's use of Windows Management Infrastructure is not common in coin-mining malware. Based on the hash power associated with the Monero payment address, the fraudster has mined more than 8,900 Monero.

The researchers said at least 25 hosts were attacked via EternalBlue (CVE-2017-0144 SMB) to infect new nodes and increase the size of the botnet. The hosts appear to sit behind the network AS63199.

Smominru C&C Server and Distribution
The Smominru C&C server, hosted by SharkTech, affects over 526,000 Windows servers, with nodes all over the world, mainly in Russia, India and Taiwan.


Security researchers from Proofpoint detected Monero miners that spread using the infamous EternalBlue exploit. Attackers are using a persistent botnet dubbed Smominru to spread the infection through all possible exploits. The year 2017 is well known for ransomware, data breaches and hacking attacks targeting cryptocurrency exchanges. In 2017 the WannaCry ransomware used the same EternalBlue vulnerability to…


Mining Smominru botnet used NSA exploit to infect more than 526,000 systems

http://securityaffairs.co/wordpress/68494/malware/smominru-botnet.html

Researchers from Proofpoint discovered a huge botnet dubbed ‘Smominru’ that is using the EternalBlue exploit to infect Windows computers and recruit them in Monero cryptocurrency mining activities. The number of cyber attacks against the cryptocurrency sector continues, vxers are focusing their efforts on the development of cryptocurrency/miner malware. Recently security experts observed cryptocurrency miners leveraging the NSA EternalBlue SMB exploit…

 
