Cryptocurrency-mining botnet found using photos of Taylor Swift to spread malicious code
UK-based cybersecurity firm Sophos has just found a cryptocurrency-mining botnet that has a unique and effective way to spread malicious code.
This botnet, called MyKingz (also known as Smominru, DarkCloud or Hexmen), now takes advantage of steganography, a technique that hides malicious files inside valid files to trick people who are somewhat gullible or not very knowledgeable about data security.
According to Sophos' findings, the people behind MyKingz hid a malicious EXE executable inside a JPEG image of the famous singer Taylor Swift and used this image to deceive victims and spread the malicious code onto their computers when they click on the photo.
The original image (left) looks completely normal, but a malicious file is hidden deep inside it.
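A defender-side check for the technique described above, as an added example that is not from Sophos or from the original article: it scans bytes that claim to be a JPEG for a Windows PE header. It assumes the executable is stored unencoded somewhere in the file, which the article does not specify; the sample bytes and all function names are constructed for illustration.

```python
import struct

JPEG_MAGIC = b"\xff\xd8\xff"

def find_embedded_pe(data: bytes) -> list:
    """Offsets of every 'MZ' whose DOS header points at a 'PE\\0\\0' signature."""
    hits = []
    pos = data.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(data):
            # e_lfanew at DOS-header offset 0x3C locates the PE signature.
            (e_lfanew,) = struct.unpack_from("<I", data, pos + 0x3C)
            pe = pos + e_lfanew
            # Heuristic bound (assumption): real headers sit close to 'MZ'.
            if 0x40 <= e_lfanew < 0x1000 and data[pe:pe + 4] == b"PE\x00\x00":
                hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits

def inspect_image(data: bytes) -> dict:
    """Flag files that claim to be JPEG but carry a PE executable."""
    offsets = find_embedded_pe(data)
    is_jpeg = data.startswith(JPEG_MAGIC)
    return {"is_jpeg": is_jpeg, "pe_offsets": offsets,
            "suspicious": is_jpeg and bool(offsets)}

def constructed_pe_stub() -> bytes:
    """Constructed, non-functional PE header skeleton (not a real program)."""
    dos = bytearray(0x80)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x80)
    return bytes(dos) + b"PE\x00\x00" + b"\x4c\x01" + b"\x00" * 18

# Constructed sample: JPEG SOI + APP0/JFIF segment + EOI (not a renderable image).
CLEAN = (b"\xff\xd8\xff\xe0\x00\x10JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
         b"\xff\xd9")
CARRIER = CLEAN + constructed_pe_stub()

if __name__ == "__main__":
    for name, blob in (("clean", CLEAN), ("carrier", CARRIER)):
        print(name, inspect_image(blob))
```

Requiring a valid `e_lfanew` pointer to a PE signature, rather than matching `MZ` alone, keeps chance two-byte matches in compressed image data from raising alerts.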
MyKingz is not actually a new botnet. It was first discovered in 2017, but one of the characteristics that makes MyKingz so dangerous is its ability to hide and to change its mode of transmission very flexibly. It is currently recognized as one of the few cryptocurrency-mining malware families operating at a scale of up to hundreds of thousands of devices.
In practice, MyKingz mainly focuses on Windows systems, and it has one of the most sophisticated scanning and malware infection mechanisms ever recorded among all botnets known to date. MyKingz can target any Windows-related system, such as MySQL, MS-SQL, Telnet, SSH, IPC, WMI, Remote Desktop (RDP) and even CCTV camera storage servers.
According to estimates, just a few months after being launched on a global scale, MyKingz had infected over 525,000 Windows systems and collected Monero (XMR) worth more than $2.3 million. The countries this botnet targets most include China, Taiwan, Russia, Brazil, the USA, India and Japan.
Sophos' latest report shows that MyKingz is currently infecting around 4,700 new systems and helping attackers pocket $300 a day. The amount is not very large, mainly because Monero's exchange rate is in strong decline.