Smominru botnet uses WannaMine malware to mine cryptocurrency
WannaMine is the name of the malware designed to infect computers to mine cryptocurrency, this new malware is used by a group with one of the biggest botnets know: Smominru. The first signs about this botnet is from May 2017.
Researchers reports the exploit used by this malware is EternalBlue, at the moment has more than 500000 computers affected. They alerts the detection is very hard, malware execution is stealthy and doesn’t have any software installation.
On an infected device, the malware will try to reach more computers on the internal network to infect them. Next, WannaMine, will use PowerShell and Windows Manager Instrumentation to mine cryptocurrency consuming CPU resources, on an internal network the malware could flood it.
References
-
31/01/2018muyseguridad.net
-
1/02/2018securityaffairs.co
-
1/02/2018blogs.protegerse.com
Etiquetas
