Proofpoint security experts investigated the sminning bot, Smominru, which is mining the cryptocurrency Monero on more than 500,000 Windows machines.
According to security experts from Proofpoint, criminals are abusing the computing power of more than half a million Windows systems to "mine" the cryptocurrency Monero. According to Proofpoint, the affected machines are mainly Windows servers, many of which run in Russia, India, Taiwan and the Ukraine. In the observation period from May 2017 to January 2018, the attackers had landed Moneros worth about 3.6 million US dollars.
Server unusable
On the electricity costs, the victims sit, also suspect the security researchers that many of the affected server because of the additional workload only limited function.
The hackers use the server infected by their mining botnet Smominru to attack other machines, exploiting security vulnerabilities such as EternalBlue, attacks on the outdated SMB v1 network protocol.
Robust botnet
The Proofpoint employees reported the address used for the Monero mining to MineXMR, which then blocked the address. But only a few days later, the smominru hackers had redirected around two-thirds of the old processing power in the botnet to another Monero account. The mining botnet is so robust.
Be careful
Mining attacks are piling up Cryptocurrencies play a role in more and more attacks, such as blackmail with ransomware such as encryption Trojans. In recent months, numerous attacks have been discovered on Windows PCs, browsers (extensions) or even network devices aimed at mining cryptocurrencies.
all photos i use are from wikipedia, https://www.pexels.com or from https://pixabay.com
Source: https://www.heise.de/security/meldung/Krypto-Mining-Malware-bremst-Windows-Server-3960323.html Translated by google and harimbadl
Peace love and follow @harimbadl for news