ESET Reports Success In Disrupting Previously Unexplored Monero-Mining Botnet
April 24, 2020

ESET, a Slovakia-based cybersecurity firm, has reported success in disrupting the workings of a previously unexplored Monero-mining botnet in Latin America.

In an announcement on April 23, ESET said the malware had infected over 35,000 computers since May 2019, with 90% of compromised devices located in Peru.

ESET researchers have dubbed the botnet VictoryGate, noting that its main activity has been illicit Monero mining, also known as cryptojacking.

Cryptojacking is the industry term for stealth crypto-mining attacks, which work by installing malware that uses a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge.

The firm’s announcement also notes that the malware causes extremely high resource usage on infected computers, with a sustained 90–99% CPU load that can lead to overheating and potentially damage the device.


The botnet’s propagation vector has been external USB drives: an infected drive appears to contain files with names and icons identical to those it originally held.

ESET writes:

“However, the original files have been copied to a hidden directory in the root of the drive and Windows executables have been provided as apparent namesakes.”
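A defender's check for the drive layout ESET describes, as an added example that is not from ESET or the original article: it lists executables in a drive's root whose names match files inside a hidden root-level directory. The extension list, the dot-prefix fallback for "hidden" and the sample file names are assumptions constructed for the demo.

```python
import stat
import tempfile
from pathlib import Path

# Assumption: which extensions count as "Windows executables" for this check.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif"}


def is_hidden(path: Path) -> bool:
    """Windows HIDDEN attribute; dot-prefix is a fallback so the demo runs elsewhere."""
    attrs = getattr(path.stat(), "st_file_attributes", 0)
    return bool(attrs & stat.FILE_ATTRIBUTE_HIDDEN) or path.name.startswith(".")


def find_namesakes(drive_root, hidden=is_hidden):
    """Return sorted (executable, hidden original) pairs found in a drive root."""
    root = Path(drive_root)
    # Index every file in hidden root-level directories by full name and by stem,
    # so "report.pdf.exe" and "report.exe" both match a hidden "report.pdf".
    originals = {}
    for entry in root.iterdir():
        if entry.is_dir() and hidden(entry):
            for f in entry.rglob("*"):
                if f.is_file():
                    originals.setdefault(f.name.lower(), f)
                    originals.setdefault(f.stem.lower(), f)
    hits = []
    for entry in root.iterdir():
        if entry.is_file() and entry.suffix.lower() in EXECUTABLE_EXTS:
            match = originals.get(entry.stem.lower())
            if match is not None:
                hits.append((entry.name, str(match.relative_to(root))))
    return sorted(hits)


def build_sample_drive(base):
    """Constructed sample layout (empty files), not taken from a real drive."""
    root = Path(base)
    (root / ".stash").mkdir()
    for name in ("report.pdf", "photo.jpg"):
        (root / ".stash" / name).touch()
    for name in ("report.exe", "photo.jpg.exe", "setup.exe", "notes.txt"):
        (root / name).touch()
    return root


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for exe, original in find_namesakes(build_sample_drive(tmp)):
            print(f"suspicious: {exe} shadows hidden {original}")
```

A match is only a lead for triage: the check compares names and does not inspect file contents or icons.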

Having detected the botnet, ESET has had some success in disrupting its operations by taking down its command and control (C&C) server and setting up a “sinkhole”, which diverts requests to an alternative domain name and has enabled ESET to monitor and control the infected hosts.

ESET says that it is working with the non-profit Shadowserver Foundation to share sinkhole logs and jointly try to mitigate the threat posed by VictoryGate.

The researchers stated:

“Despite our efforts, infected USB drives will continue to circulate and new infections will still occur. The main difference is that the bots will no longer receive commands from the C&C […] However, those PCs that were infected prior to the disruption may continue to perform cryptomining on behalf of the botmaster.”

In the meantime, users can use the firm’s free online scanner if they believe that their device has been infected by the botnet.


As per the report, the attackers behind the ransomware dubbed “Sodinokibi” have recently switched from Bitcoin to Monero to better protect their identities from law enforcement.

Source: Cointelegraph | Image: Pixabay



Ishita Bora

Ishita Bora is a Senior Content Creator at Digital Notice Media Labs with an experience of 1 year. She has completed her Master's Degree in Language and Linguistics in 2019 from Gauhati University, India. Her interest lies in blockchain technology and cryptocurrency space, as she loves writing about blockchain and other blockchain-related articles. Currently, she is working on blockchain-based news, reviews, featured articles, and guides.