Circulating Monero has been mined using malware.
Palo Alto Networks is the next generation security company with the highest growth in the market thanks to its way to counteract cyber attacks under its unique approach of “prevention is first” It has managed to grant immunity to cyber threats automatically to its customers all over the world thanks to its extensive experience, its commitment to innovation, and a revolutionary security platform.
The company’s focus is to end the era of cyber attacks by natively integrating its next-generation firewall, its advanced protection for the Endpoint, and its exclusive Threat Intelligence Cloud.
In this regard, in a study conducted by Palo Alto Networks, which analyzed more than 629,126 samples of malwares detected in cryptocurrency mining operations. He pointed out that at least 5% of the Monero (XMR) in circulation would be mined using malware, and about 2% of the hashrate produced daily comes from devices infected with malware for cryptocurrency mining. Figures provided after a series of investigations related to malwares for the crypto-industry, developed by Palo Alto Networks cyber security researchers.
It should be noted that, this research did not take into account the cryptojackers (in-browser miners), but only the traditional malwares that infect the equipment and servers since the middle of last year, when the operations of criptominería increased significantly.
Likewise, the researchers determined that around 84% of the analyzed malwares would be used for Monero’s mining, a cryptocurrency generally associated with this type of activity due to the difficulty in tracking their operations.
Since Monero mining using malwares must “adhere” to the base code, the mining pool, and the addresses in which the malwares operate, the researchers were able to track most of the money these groups generated using infected devices.
In this way, by tracking Monero’s 2,341 addresses, the researchers found 5,316,663 samples of malware destined for the crypto-mining of this currency, even being able to determine the amount of money these groups generated last year. According to the investigators, “the criminals would have managed to mine approximately 108 million dollars through 798,613 Monero tokens (XMR) using only devices infected with malwares, which would represent around 5% of Monero circulating today.”
However, the researchers also noted that only 1,278 of the 2,341 addresses found would have more than 0.01 XMR in their accounts, which could indicate that the malware is not working properly or that the miner would use more than one pool for their operations.
In this way, Monero is currently one of the favorite cryptocurrencies among hackers since it allows transactions to be made in an even more anonymous way than Bitcoin. The most used malware to undermine this cryptocurrency are CoinHive, Rig EK, Cryptoloot, Roughted, Fireball, Globeimposter, Ramnit, Virut, Conficker and Rocks. However, there is a recently detected malware that wants to make them compete: Smominru.
Also known as Ismo, this Monero mining malware uses an exploit from the National Security Agency (NSA) called EternalBlue, which was leaked last April by the hacking group Shadow Brokers, also responsible for unleashing the WannaCry ransomware. Also, hackers have been using a leaked NSA exploit called EsteemAudit.
More than 526,000 Windows computers have been infected by Smominru malware since May 2017, according to cybersecurity firm Proofpoint. Since then, its researchers have been monitoring the massive botnet worldwide, with which its operators have pocketed millions at the expense of the computing power of others.
At the moment, CoinHive is still the most used malware to undermine Monero because it can be placed on websites to use the computing power of you are navigating them in real time without them noticing.
Disclaimer: InfoCoin is not affiliated with any of the companies mentioned in this article and is not responsible for their products and / or services. This press release is for informational purposes information does not constitute investment advice or an offer to invest.