Monero-Mining Malware 'Crackonosh' Has Infected 222K Computers, Researchers Find

The virus has yielded over $2 million worth of XMR for its authors, security firm Avast said in a Thursday report.

Jun 24, 2021 at 7:24 p.m. UTC
Updated Sep 14, 2021 at 1:16 p.m. UTC

Malware called "Crackonosh" has been found in 222,000 compromised computers that were used to download illegal, torrented versions of popular video games, including "NBA 2K19" and "Grand Theft Auto V," according to a report from security company Avast published Thursday.

The virus, which has been circulating since at least June 2018, installs crypto-mining software that has yielded its authors over $2 million worth of monero.

Monero is a privacy coin that is often used by cybercriminals because it is much more difficult to trace than other cryptocurrencies like bitcoin. Monero-focused crypto-mining attacks are relatively common: The Pirate Bay, a website where users can download movies, music, software and games, announced in 2018 it would be “cryptojacking” visitors’ processing power to mine for monero, and in 2020, a botnet called “Vollgar” was found to be targeting Microsoft’s SQL servers to mine for monero, as well.

According to Avast’s analysis, Crackonosh successfully operated for years because it had built-in mechanisms to disable security software and updates, which made it difficult for users to detect and remove the program. 

The malware is thought to have originated in the Czech Republic, but it has a global reach. Cases in the United States make up only 5% of the total.

Avast’s blog post addresses the spread of the malware and teaches affected users how to uninstall the program.

The blog’s author, Daniel Benes, also shares some words of wisdom:

“The key take-away from this is that you really can’t get something for nothing and when you try to steal software, odds are someone is trying to steal from you.”
The Festival for the Decentralized World
Thursday - Sunday, June 9-12, 2022
Austin, Texas
Save a Seat Now

DISCLOSURE

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information has been updated.

The leader in news and information on cryptocurrency, digital assets and the future of money, CoinDesk is a media outlet that strives for the highest journalistic standards and abides by a strict set of editorial policies. CoinDesk is an independent operating subsidiary of Digital Currency Group, which invests in cryptocurrencies and blockchain startups. As part of their compensation, certain CoinDesk employees, including editorial employees, may receive exposure to DCG equity in the form of stock appreciation rights, which vest over a multi-year period. CoinDesk journalists are not allowed to purchase stock outright in DCG.

Trending

1
CoinDesk - Unknown
Bitcoin Records Eighth Week of Losses, but Sentiment Indicator Suggests Upside

Sentiment indicators reached “rock bottom” on Monday amid a prominent fund manager calling for a retest of 2019’s price levels.

Sentiment indicators reached “rock bottom” on Monday amid a prominent fund manager calling for a retest of 2019’s price levels.

CoinDesk - Unknown
2
CoinDesk - Unknown
Coinbase Enters Fortune 500 List of Biggest US Companies

The first crypto company to join the list recorded revenue of over $7.8 billion in fiscal 2021 and placed 437th.

The first crypto company to join the list recorded revenue of over $7.8 billion in fiscal 2021 and placed 437th.

CoinDesk - Unknown
3
CoinDesk - Unknown
Climate Company Flowcarbon Raises $70M Through A16z-Led Round, Sale of Carbon-Backed Token

Flowcarbon aims to drive investment in projects that remove carbon from the atmosphere by creating a protocol that tokenizes carbon credits.

Flowcarbon aims to drive investment in projects that remove carbon from the atmosphere by creating a protocol that tokenizes carbon credits.

CoinDesk - Unknown
4
CoinDesk - Unknown
ECB Warns That Crypto Risks Could Spill Over Into Wider Economy

Given the increasing risks of crypto, it is important to bring it into the regulatory perimeter as a matter of urgency, the European Central Bank said in a report.

Given the increasing risks of crypto, it is important to bring it into the regulatory perimeter as a matter of urgency, the European Central Bank said in a report.

CoinDesk - Unknown