Cryptomining Worm Botnet Seeking And Attacking Vulnerable Devices

April 27, 2021

Written by wukovits

cryptomining worm botnet seeking and attacking vulnerable devicesThere’s a new cryptomining worm threat to be aware of, and it’s making the lives of IT Administrators who manage Windows and Linux environments nightmarish.

This news comes from a recently published report offered by a research firm called Juniper, which began monitoring the activities of the new Sysrv Botnet back in December of 2020.

One of the things that makes Sysrv a serious threat is the fact that it has worm-like abilities and can spread from one vulnerable device to another connected vulnerable device with ease. It can do that in record time, so what starts off as a small, manageable problem can quickly spiral out of control.

Worse, the hacker or group behind the new botnet has been busily updating their malicious minions, giving the botnet an arsenal of exploits that has grown in size almost continually since the company first started tracking its activities.

Among other things, it can add SSH keys and use any of the following exploits:

  • Drupal Ajax
  • Mongo Express
  • Saltstack
  • ThinkPHP
  • XML-RPC

The main goal of the person or persons behind this new threat seems to be to maximize cryptocurrency mining rewards.

The malware is set up to mine for the following mining pools:

  • Xmr-eu1.nanopool.org:14444
  • f2pool.com:13531
  • minexmr.com:5555

The malware is currently designed to mine XMR, and they’ve infected such a sufficient number of machines that they’re averaging about 1 XMR every two days. Between March 1st and March 28th of this year (2021) the wallet associated with the malware saw an increase of 8 XMR, worth about $1700.

Unfortunately, while the drain on computing power is bad enough on its own, that’s not the worst of it. Once a machine is infected, it is entirely possible that Sysrv’s controllers could upload additional malware that could be genuinely destructive. All that to say, be on the alert for this one, it’s bad news and a growing threat.

Used with permission from Article Aggregator

Bayou Tech

We provide solutions for your business. Find out how we can help.

Related Articles

Key Considerations for Effective Cybersecurity Implementation

Consider this: In the realm of cybersecurity, things often get tangled in the web of "you should do it anyway" arguments. Yet, for busy business owners bombarded with daily "must-dos," deciphering the essentials from the fluff can feel like a cyber maze. We aim to...

Unlocking Small Business Success: The Impact of AI in a Digital Era

In the rapidly evolving business landscape, staying competitive necessitates embracing technological advancements. Artificial Intelligence (AI), once perceived as a luxury for larger enterprises, is now accessible to small businesses, offering new opportunities for...