Cybersecurity experts from ESET identified a Monero mining botnet that illicitly gained access to over 35,000 computer systems across Latin America and has been active at least since May 2019.
The botnet called Victory Gate has been identified as a crypto mining botnet available in three different variants ever since the original model was tracked down by ESET last year. Since May last year, these three forms of infectious malware are widely prevalent in computers across South America.
Illegal Monero mining on the rise
Not surprisingly, the botnet mines Monero – the notoriously privacy-centric coin. Last year in October, it was revealed that Monero mining malware was rampant in the form of audio files and affected thousands of computers to mine the crypto.
Another threat was uncovered by a cybersecurity firm in November when it reported that a group of hackers is looking for exposed and vulnerable Docker platforms on the internet and using them to gain unwarranted access to the networks for mining crypto.
There is no denying that Monero is now the undisputed king of the darknet, surpassing Bitcoin, which was once widely preferred cryptocurrency among cybercriminals. However, with Bitcoin transactions becoming more traceable with time and Monero, in attempts to strengthen its unique selling feature, privacy, has helped the latter emerge as the recent-favorite.
Attacks using the USB
In this case, as ESET suggests, most of the victims were targeted using a form of an external device such as the USB, which, when plugged in, installs an infected payload into the computer. The Monero mining botnet is then activated, which sends various commands to the node.
Meanwhile, there is a possibility that this recently uncovered crypto mining botnet may be used to mine other cryptocurrencies as well if the hackers were able to offer instructions to the nodes for the downloading of additional payloads.
XMR mining botnet wreaks havoc across Latin America
Furthermore, ESET, the team reveals that so far, over 2000 computers were found to be the targets of illegal XMR mining on an everyday basis across Latin America. If we assume the usual hash rate of 150H/s, we can safely deduce that these hackers have collected around $6000 worth XMR using this botnet until now, says ESET in the report.
Although the researchers have been able to successfully identify and detach a large chunk of the Monero mining malicious software, the team urges everyone to exercise the utmost caution as new infections could still make their way into the computers that weren’t a part of ESET’s project.