Watchout! Satori Botnet Targets Exposed Ethereum Miners

Yesterday, BleepingComputer brought to light recent reports that have Ethereum miners worried, as enslaved internet-connected devices have been targeting miners worldwide.  Evidence filed by multiple internet security companies have shown that the Satori botnet, a system of IoT devices which number in the tens of thousands, has been trying to infiltrate Ethereum miners through a 3333 port exploit. This specific port has often been a way in which miners can remotely control their mining equipment,

The post Watchout! Satori Botnet Targets Exposed Ethereum Miners appeared first on Bitcoinist.com.

Continue Reading

New ‘Snobbish’ Cryptojacking Malware Infected 500k Users in 3 Days, Report Says

WinstarNssmMiner, a new type of malware script used to mine Monero, has spread to half a million devices in 3 days, cyber researcher reports.

A new piece of so-called cryptojacking malware used half a million computers to mine 133 Monero (XMR) tokens (about $25,000) in three days, Finance Magnates reports today, May 18.

New research published by cyber security firm 360 Total Security May 16 found that the malware, referred to as WinstarNssmMiner, presents a fresh challenge to users, due to its ability to both mine and crash infected machines at will.

Malicious software that engages in cryptojacking – the use of another’s device to mine crypto without their knowledge – has become a common phenomenon in recent months.

As Cointelegraph reported, instances have risen dramatically in 2018.  A warning from Microsoft highlighted only 644,000 infected devices in the period September 2017 to January 2018 – only slightly more than WinstarNssmMiner’s three-day progress.

Commenting on the latest threat, 360 said it was “surprised” that in addition to mining Monero, the malware could also force a user’s PC to crash if it detected the presence of certain antivirus software, writing:

“This malware is very hard to remove since victims’ computers crash as soon as they found and terminate the malware.”

A twist comes in the form of what 360 describes as “snobbish” behavior regarding antivirus brands: the presence of well-known products from companies such as Kaspersky Lab and Avast! cause WinstarNssmMiner not to activate at all. Other brands are ignored, resulting in mining and crashes.

Earlier this month, Cointelegraph also reported on how code for crypto-mining program Coinhive was found on over 300 governmental and university websites worldwide.

Continue Reading