It is an open secret that the supply of the cryptocurrency Monero feeds partially from illegal sources. No other crypto-currency is as virulent as malware mining as it is with the Privacy Coin. According to a report by the IT security firm Carbon Black, a well-known malicious program has been re-infused to at least 500,000 devices. The mining of XMR without the knowledge of the device owner is only the tip of the iceberg.
An old friend is currently in his latest incarnation on at least 500,000 devices mischief. A botnet operates mining of the cryptocurrency Monero (XMR) without the knowledge – let alone the consent – of the device owner. We are talking about the botnet Smominru, which already gained dubious fame at the beginning of last year . At the time, security researchers had discovered that Smominru “mined” XMR for more than $ 3.3 million in the last half of 2017 . From a recent report The IT security firm Carbon Black states that the danger of Smominru is not yet banned. On the contrary: The researchers discovered a previously unknown connection between Smominru and another botnet called MyKings.
Thereafter, the affected terminals can not be abused only for XMR mining; their owners now run the risk that the access to their network fully automated lands on the black market. Malware mining serves as a façade behind a greater danger: access mining.
Access Mining is a tactic in which an attacker uses the footprint and dissemination of commodity malware, in this case a crypto-miner, to hide an intent to sell system access to certain computers on the dark web. Access Mining involves adding a remote access Trojan (RAT) to commodity malware, collecting [access data], and offering that information in appropriate marketplaces.
More Lucrative than Monero Malware Mining?
According to the analysts, Access Mining offers lucrative earning opportunities to malicious actors:
One of the most popular Access Marketplaces […] offers over 35,000 credentials for sale in various countries and for a variety of Windows operating systems. Prices are between $ 4 and $ 20, with an average selling price of $ 6.75.
Without citing Adam Riese, the analysts make the following milk girl bill. If the additions to only half of the infected devices are sold, that means a turnover of 1.69 million US dollars. Whether this is more lucrative, than continue to mine in silent XMR, of course, depends not least on the Monero rate.
Earlier this year, researchers had estimated the proportion of malware mining XMR at over 4.2 percent.
Image via Shutterstock