Exploit national security Agency U.S. (NSA) has allowed the botnet virus Smominru, minasama cryptocurrency to infect more than 526 000 personal computers. About it on January 31 announced the publication of Hacker News.
Researchers at security software company Proofpoint have detected a new global botnet called Smominru, also known as Ismo. The malware uses exploit EternalBlue for mining Monero .
According to The Hacker News, exploit EternalBlue was free in the attack the hacker group Shadow Brokers, which is also responsible for creating malware WannaCry, mass distribution which had for 2017.
Proofpoint reported that the botnet infects computers Smominru from may 2017, producing about 24 coins Monero per day. To date, the botnet managed to get about 8 900 Monero that at the time of writing, equivalent to $2.1 million in the United States. According to the researchers, the largest number of infected computers Smominru was discovered in Russia, India and Taiwan.
According to Proofpoint, cyber criminals target vulnerable version of Windows, also using the exploit called EsteemAudit.
According to the Hacker News, the experts advised the service of protection against DDoS-attacks, SharkTech, where it was discovered infrastructure to manage Smominru. However, there was no answer.
Recently, Internet users have undergone a large-scale hacker attack, also aimed at mining Monero. Malware for mining Monero using the Internet is mostly associated with a controversial platform Coinhive, has affected a huge number of users and online companies, including Youtube.