Latest Linux Mining Malware Uses Minergate’s Monero Pool – Bitcoin Isle
It has been a while since we last saw a new malware threat in the form of a cryptocurrency miner. Do not be mistaken in thinking cybercriminals have given up on the idea, however. A new cryptocurrency mining malware referred to as Linux.BTCMine.26 is being actively distributed to Linux computers that still use default Telnet credentials. Unlike what the name suggests, it does not mine Bitcoin but is more interested in Monero. Additionally, it only targets x86-64 and ARM hardware-based devices.
Yet Another BTCMine Malware Variant
People who have kept tabs on the cryptocurrency mining malware scene may recognize the BTCMine name. It is neither the first nor the last time this name will be associated with nefarious tools designed to use other people's device resources to mine cryptocurrency. With Bitcoin mining becoming completely unprofitable without the use of specific hardware, there are other currencies which can still be mined with relative ease. One of those currencies is Monero, an altcoin which recently surged in value after weeks of sideways trading action.
The new mining malware was discovered earlier this week. It appears to be mainly targeting Linux servers and computers, which is not entirely unusual. While the Linux operating system has been pretty safe from cybercriminal activity the past few years, things are very different when it comes to cryptocurrency mining malware. Several types have targeted Linux users over the past few months and it looks like things will not be changing anytime soon. Linux.BTCMine.26 searches for Linux devices which use default or blank Telnet credentials to establish a connection.
One would be surprised by how many Linux device users do not take Telnet security seriously. Operators often fail to change the default settings, which is never a good course of action. The malware has a built-in Telnet scanner similar to the one found in the Mirai malware. For now, this scanner only seeks out IPv4 addresses, although IPv6 support may be added in the future. Once it finds a vulnerable IP address, it attempts to log in through a Telnet connection. Assuming this connection is made successfully, the malware executes commands to download the BTCMine binary in question.
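A defender can check whether a host offers the Telnet listener this scanner looks for. The following is an added example, not code from the article or the malware: it parses constructed `ss -tlnH` output, assumes Telnet on its standard port 23, and separates listeners reachable over IPv4 (what the scanner seeks today) from IPv6-only and loopback-only ones. The function names and sample lines are hypothetical.

```python
import ipaddress

TELNET_PORT = 23  # assumption: standard Telnet port; the article names only the protocol

# Constructed sample of `ss -tlnH` output (listening TCP sockets, numeric, no header).
SAMPLE_SS_OUTPUT = """\
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 5 0.0.0.0:23 0.0.0.0:*
LISTEN 0 5 127.0.0.1:23 0.0.0.0:*
LISTEN 0 5 [::]:23 [::]:*
LISTEN 0 5 192.0.2.10:23 0.0.0.0:*
LISTEN 0 128 [::1]:8080 [::]:*
"""

def split_local(field):
    """Split the 'Local Address:Port' column into (address, port or None)."""
    addr, _, port = field.rpartition(":")
    addr = addr.split("%")[0].strip("[]")  # drop %iface scope and IPv6 brackets
    return addr, int(port) if port.isdigit() else None

def classify(addr):
    """Say how a listener bound to addr can be reached."""
    if addr == "*":
        # assumption: recent iproute2 prints a dual-stack wildcard socket as '*'
        return "ipv4-reachable"
    ip = ipaddress.ip_address(addr)
    if ip.is_loopback:
        return "loopback-only"
    return "ipv4-reachable" if ip.version == 4 else "ipv6-only"

def telnet_listeners(ss_output, port=TELNET_PORT):
    """Return (address, exposure) for every listening socket on the Telnet port."""
    findings = []
    for line in ss_output.splitlines():
        cols = line.split()
        if len(cols) < 5 or cols[0] != "LISTEN":
            continue
        addr, lport = split_local(cols[3])
        if lport == port:
            findings.append((addr, classify(addr)))
    return findings

if __name__ == "__main__":
    for addr, exposure in telnet_listeners(SAMPLE_SS_OUTPUT):
        print(f"telnet listener on {addr}: {exposure}")
```

Any `ipv4-reachable` result is a service to disable or move behind a firewall, and its accounts should not keep default or blank passwords.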
This malware's source code has many references to Brian Krebs, one of the industry leaders when it comes to infosec. There is a war going on between infosec journalists and cybercriminals, and calling out one another has become somewhat standard over the years. The code also reveals that the malware uses the Minergate XMR pool to mine the cryptocurrency using the username “[email protected]”. It is doubtful the pool could do anything about this, as the criminals would easily create a new username within seconds.
Sadly, this is yet another example of how cybercriminals are targeting cryptocurrency in one way or another. Some efforts focus on stealing wallets and phishing scams, whereas others just use computer resources to mine currencies such as Monero and ZCash. We will assuredly see other mining malware types emerge over the coming months, not all of which will be native to the Linux operating system.
Cybercriminals still have a lot of love for cryptocurrencies in general. Monero is a far more anonymous solution compared to Bitcoin. This does not mean Monero is a perfect tool for criminals by any means, even though it is not hard to see why they would rather mine it than Bitcoin. It will be interesting to see how this situation evolves in the coming months and years. Until users start taking device security more seriously, malware types such as this one will always be somewhat successful.