New Instance of Monero Malware Sees Cryptojackers Target Linux Users

The modified Shellbot trojan is thought to have originated from a Romanian hacker collective.

More cryptocurrency mining malware continues to target major corporations, hijacking victims to mine altcoin Monero (XMR), new research warned on Feb. 5.

Findings from the Special Ops team at United States cybersecurity company JASK reveal a modified version of trojan Shellbot has become increasingly prevalent since its debut in November last year.

The perpetrators, the company says, appear to be a Romanian hacker group known as Outlaw, a translation of the Romanian word “haiduc,” which also lends its name to one of the payloads the malware installs.

“The toolkit observed [...] in use by the attacker contains three primary components: IRC (Internet Relay Chat) botware for Command and Control (C2), a revenue stream via Monero mining, and a popular scan and brute force tool, haiduc,” JASK confirmed.

The latest threat specifically targets users of devices running Linux. In mid-January, research from Palo Alto Networks found another Monero-mining malware targeting Linux users that had the ability to disable cloud-based security measures to avoid detection.

As Cointelegraph reported, so-called “cryptojacking attacks” — installing malware which secretly mines cryptocurrency on a victim’s device — have become considerably more widespread over the past year.

Malware detections shot up almost 500 percent in the first half of 2018, while a survey in August 2018 claimed that in the United Kingdom alone, over half of businesses had been affected by cryptojacking at some point.

This year, separate statistics suggested that around 4.4 percent of all XMR in circulation came from nefarious sources.

COMMENTS

By Readers$type=blogging$cate=2$count=6

Name

Analysis,498,News,2592,Press Releases,338,Sponsored,137,
ltr
item
CryptoNomus: New Instance of Monero Malware Sees Cryptojackers Target Linux Users
New Instance of Monero Malware Sees Cryptojackers Target Linux Users
https://images.cointelegraph.com/images/528_aHR0cHM6Ly9zMy5jb2ludGVsZWdyYXBoLmNvbS9zdG9yYWdlL3VwbG9hZHMvdmlldy84MTA1YjY4OWVhMTI3ZDczYzIyNTA4ZmI3MzgzYzk5OC5qcGc=.jpg
CryptoNomus
https://www.cryptonom.us/2019/02/new-instance-of-monero-malware-sees.html
https://www.cryptonom.us/
https://www.cryptonom.us/
https://www.cryptonom.us/2019/02/new-instance-of-monero-malware-sees.html
true
4884201149675661183
UTF-8
Loaded All Posts Not found any posts VIEW ALL Readmore Reply Cancel reply Delete By Home PAGES POSTS View All RECOMMENDED FOR YOU LABEL ARCHIVE SEARCH ALL POSTS Not found any post match with your request Back Home Sunday Monday Tuesday Wednesday Thursday Friday Saturday Sun Mon Tue Wed Thu Fri Sat January February March April May June July August September October November December Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec just now 1 minute ago $$1$$ minutes ago 1 hour ago $$1$$ hours ago Yesterday $$1$$ days ago $$1$$ weeks ago more than 5 weeks ago Followers Follow THIS PREMIUM CONTENT IS LOCKED STEP 1: Share. STEP 2: Click the link you shared to unlock Copy All Code Select All Code All codes were copied to your clipboard Can not copy the codes / texts, please press [CTRL]+[C] (or CMD+C with Mac) to copy