The year 2017 has been marked by numerous data breaches and attacks of ransomwares. But the landscape of cyber threats is changing rapidly and, increasingly, cybercriminals are turning to the mining of crypto-currencies with the help of malicious software.
The flaw EternalBlue used
Several companies specializing in cybersecurity denounced new mining-viruses that spread via the feat EternalBlue disclosed by the group of hackers Shadow Brokers, also responsible for the virus WannaCry.
The researchers at Proofpoint have discovered a huge botnet world called Smominru, which uses the feat EternalBlue to infect Windows-based computers in order to undermine the Monero, which costs millions of dollars to its owners.
Active since may of 2017, Smominru has already infected more than 526 000 computers, most of which revolved on older versions of Windows, according to experts.
It is to be noted that Smominru is two times larger than the botnet Adylkuzz which reduced also of the Monero using the vulnerability EternalBlue.
Indeed, such a botnet can be very lucrative as the Bitcoin requires many computer resources and, increasingly, cybercriminals prefer to Monero.
The largest number of infections by Smominru have been detected in Russia, India and Taiwan.
The experts have informed the service of protection against DDoS attacks SharkTech which houses the infrastructure of command and control Smominru, but without receiving any response.
In addition to the infection of computer systems, criminals commonly practice the cryptojacking, one of the most in vogue is to use the computing power of a computer without the knowledge of its owner to extract crypto-currencies.
Given that attacks of malware recently detected exploit the flaw EternalBlue, which had been corrected by Microsoft last year, it is recommended that users keep their systems and software up to date to avoid these threats.
Source : Thehackernews