Have you ever wanted to get involved in crypto-mining but weren’t sure how? Well, you may have inadvertently been mining some Monero (XMR) all this time without even knowing it!
Yesterday, GuardiCore Labs, an internet security company, released a report outlining a type of malware that infects networked machines all across the Internet and secretly uses them for illicit mining activities.
The report suggests that as many as 40,000 servers, modems, routers and other devices have been infected using common hacking methods such as brute-force, exploits and weak configurations.
The malware, known as Operation Prowli, is designed purely to make money for the attackers. It uses traffic redirection to send users to infected sites, from which the malware is installed and begins to mine.
The attack uses malware installed from the fake site to brute-force attack a device and install a Monero (XMR) miner and something called an r2r2 worm, which then communicates with a C&C server that the hackers control.
It is estimated that as many as 9,000 companies worldwide have been infected on services including Drupal CMS websites, WordPress sites, phpMyAdmin, DSL modems, SSH servers and servers with exposed HP Data Protector software.
The majority of infected companies are based in Russia, China, Brazil and the States, and cover a wide variety of industries including computer services, colleges, software, government, financial and media.
This new attack resembles the WinstarNssmMiner malware that was reported last month to have infected 500,000 computers in just three days.