Botnet discovered hiding behind YouTube to stealthily carry out malicious activity

The internet is constantly in motion, and the malicious actors in this virtual world are just as actively changing to keep up. Recently, a long-known botnet quietly changed its malicious behavior, turning to cryptocurrency-related activity, and has long used YouTube itself as cover.

The botnet, called Stantinko, was first known in 2012 and was used as part of large-scale malicious advertising campaigns. However, according to recent findings by security experts from ESET, spol. s r.o., Stantinko, currently more than 500,000 computers in size, has moved from adware and other nefarious activities to distributing cryptocurrency mining modules. In particular, this botnet has been hiding behind YouTube to secretly carry out malicious activity for a long time without being detected.

The cryptocurrency mining module being distributed by Stantinko is likely a heavily modified version of xmr-stak, a popular open-source cryptocurrency miner, with encrypted strings and functions that hide it extremely effectively.

To avoid detection, Stantinko used YouTube to identify a proxy instead of communicating directly with the mining pool, which would have made it easier to detect. The descriptions of the videos the botnet uploaded to YouTube contain multiple text strings giving the access details used to run its illicit Monero cryptocurrency mining operation. This went unnoticed by both YouTube and independent security teams for a long time.

The ESET security research team contacted YouTube to report their findings, and the related videos and accounts were taken down. However, the incident highlights some of the unusual methods attackers use to hide their illicit activity, such as taking advantage of popular websites and tools to avoid detection.

Update 03 December 2019