Newly Discovered Botnet Infected Up to 5,000 Computers With a Monero Miner

Cisco researchers estimate the botnet may have earned its owner $5,000 worth of monero since it started operation four months ago.

Jul 22, 2020 at 3:30 p.m. UTC
Updated Sep 14, 2021 at 9:34 a.m. UTC

A highly sophisticated hacker has infiltrated thousands of computers and hijacked them to covertly mine the privacy coin monero.

  • Security intelligence firm Cisco Talos, part of U.S. tech giant Cisco Systems, said in a report Wednesday that it had discovered a botnet – a network of internet-connected devices – that had been active for months.
  • Dubbed "Prometei," the botnet can disable security controls, copy across important files, and masquerade as other programs to set up covert mining operations in computer systems.
  • It also constantly reinvents its tools in order to avoid detection.
  • Since starting operation in early March, researchers estimate it has infected anywhere between 1,000 and 5,000 systems.
  • Prometei may have earned its owner approximately $5,000 worth of monero – around $1,250 per month, the report reads.
  • Cisco Talos doesn't know the identity of the hacker, but the operator is likely to be a single professional developer based somewhere in Eastern Europe.
  • It also found the botnet had stolen credentials, such as administrator passwords, possibly to sell on the black market.
  • Monero is the cryptocurrency of choice for attacks of this kind because it can be mined easily with general-purpose CPUs and can be traded with little risk of detection.

DISCLOSURE

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.
