Altcoin News: A Hidden Miner Shellbot Steals Monero on Devices with Linux

February 6th, 2019 by Marko Vidrih on ALTCOIN MAGAZINE

A new study, published on February 5th, warns of the discovery of new malware for mining Monero cryptocurrency on devices with Linux.

The findings of Special Ops from cybersecurity, an American company JASK, show that a modified version of the Shellbot trojan has been becoming more common since its debut last November. According to the company, the attackers behind the Trojan are a Romanian hacker group known as Outlaw.

“The […] exploited toolkit used by the attackers contains three main components: botware IRC (Internet Relay Chat) for Command and Control (C2), Monero extraction revenue channel and the popular scanning and brute force tool haiduc,” JASK confirmed.

The detected threat is aimed at users of devices with Linux. In general, Monero is the most popular with fraudsters when it comes to illegal operations on the extraction of cryptocurrency, and about 5% of existing XMR were obtained illegally. In mid-January, another crypto jacking program was discovered, which uses a new trick to avoid detecting and mining XMR on cloud servers.

In November, a survey by the Israeli company Check Point Software Technologies revealed that the malware for Monero mining, called KingMiner, evolves over time to avoid detection.

Cryptodocumentation continues to be one of the most serious threats according to cybersecurity experts. According to the latest report by Check Point Software Technologies, crypto jacking ranked first on the list of cyber threats for the 13th time. Last year, it was also reported that the number of crypto jacking cases for 2018 increased fourfold. This is confirmed by the McAfee company, which announced at the end of 2018 that the number of crypto jacking programs increased by more than 40 times.

Author: Marko Vidrih

Follow us on Twitter, InvestFeed, Facebook, Instagram, LinkedIn, and join our Discord and Telegram.

Read about our upcoming Altcoin Magazine Mastermind Event here.