Cryptocurrency mining botnets are bringing millions of dollars to their developers by secretly infecting different devices around the globe.
According to technology portal ZDNet, at the beginning of February this year more than half a million computers were hacked by a botnet called Smominru, which made the devices it controlled mine nearly 9,000 Monero coins without the knowledge of the people who own and control those devices.
Welcome to the world of botnets: collections of internet-connected computing devices, which can include desktop computers, servers, handheld mobile devices, and Internet of Things (IoT) devices, that are intentionally infected and controlled by malware. The way botnets work ensures that device owners remain unaware that a botnet has infiltrated and taken control of their systems.
This arrangement lets the botnet's developers mine cryptocurrency while the cost of mining falls on the equipment owners, who are unaware that their machines are being used to produce cryptocurrency.
How do botnets work?
A botnet works like regular malware. Computer malware is like any other computer program, but it is designed to use the computer for nefarious activities such as corrupting the system, destroying and/or stealing data, or using the machine for illegal activities that adversely affect equipment, data, and connected networks. Unless detected by the anti-virus/anti-malware programs installed on the device, such programs continue to run without the device owner's knowledge, and they can replicate and spread to other devices on the same network.
Likewise, botnets are automated programs written to infiltrate a user's device. The botnet takes advantage of the machine's processing power, electricity, and Internet bandwidth to secretly mine a cryptocurrency.
Botnets are often spread across a private network of interconnected computers so that the combined power of the different devices yields higher cryptocurrency mining productivity, thereby increasing mining output and the corresponding rewards for those who create the botnets.
A mining botnet lesson from Smominru
The Smominru botnet, created in May 2017, mined about 9,000 Monero tokens worth about $3.6 million in February 2018. Researchers at cybersecurity firm Proofpoint say the botnet includes “more than 526,000 infected Windows machines, most of which we’re guessing are servers.”
Because botnets are versatile and able to multiply, it is difficult to prevent their spread despite all efforts to eliminate them. Geographically, Smominru's infected machines are spread around the globe, with most of them found in Russia, India, and Taiwan.
After investigation and analysis, Proofpoint requested that a well-known Monero mining pool, MineXMR, ban the address associated with Smominru. While this seemingly cost the botnet's operators control of a third of the botnet, they quickly registered new domains and started mining to a new address on the same pool.
Monero seems to be the cryptocurrency most often mined through botnets like the one above. Because of its anonymity and diverse security features, it can be difficult to track the destination address to which the tokens were transferred.
Do less, enjoy more?
Cryptocurrency mining methods are becoming increasingly complex and resource-intensive. Instead of taking the hard but honest route to cryptocurrency mining rewards, botnet operators use every available method to extend the botnet to more devices, and focus their time and energy on creating this pre-programmed software. In addition, they keep devising ways to make the botnet more powerful.
Considering the substantial profits generated by botnets, the number of botnets and their ill effects will also increase.
“Removing botnets is very difficult because they are highly distributed and the people who develop them are quite inert. For businesses, enhancing malware infection prevention through patching and layered security protocols is the best way to protect businesses against potentially harmful actions,” Proofpoint Vice President Kevin Epstein told News.com.au.
In June 2017, another similar botnet called DoublePulsar was used to install Monero mining malware on different devices. In late January 2018, security firm TrendMicro reported that Alphabet Inc’s Google DoubleClick (GOOGL) advertising services were used to distribute cryptocurrency mining malware to multiple users in Europe and Asia.
While the cryptocurrency infrastructure is still evolving day by day, threats like botnets will continue to spread across established networks. Although threats are unlikely at the individual user level, regular monitoring of the applications running on personal devices can help prevent the consequences of malware like botnets.
According to Tapchibitcoin.vn/investopedia