Security: Updates for FOSS, Botnets for Windows
Security updates for Friday
A giant botnet is forcing Windows servers to mine cryptocurrency
A massive cyptocurrency mining botnet has taken over half a million machines, and may have made its cybercriminal controllers millions of dollars. The whole operation is powered by EternalBlue, the leaked NSA exploit which made the WannaCry ransomware outbreak so destructive.
The Smominru miner botnet turns infected machines into miners of the Monero cryptocurrency and is believed to have made its owners around $3.6m since it started operating in May 2017 -- about a month after EternalBlue leaked and around the same time as the WannaCry attack.
While it isn't uncommon for cybercriminals to leverage the power of hijacked networks of computers to acquire cryptocurrency, this particular network is significant due to its individual size -- double that of the Adylkuzz mining botnet.
NSA's Microsoft SMB protocol exploit EternalBlue returns with WannaMine cryptocurrency-jacking malware
Fileless WannaMine Cryptojacking Malware Using NSA Exploit
WannaMine: Cryptocurrency Mining Malware That Uses An NSA Exploit
