InsideBitcoins.com

MyKingz Botnet Now Uses Taylor Swift Images To Hide Malware


In a move unique to the crypto industry, operators of a notorious crypto-mining botnet are now using an image of a famous pop singer, Taylor Swift, as a carrier. The image hides a malware payload that infects computers with crypto-mining malware, as per the botnet's standard infection chain.

Many Names, One Large Threat

The botnet in question goes by several names, depending mostly on the cybersecurity firm reporting on it. The names MyKingz, DarkCloud, Smominru, and Hexmen all refer to the same group, each used by a different firm. For the sake of this article, the name MyKingz will be used.

The MyKingz botnet was spotted back in late 2017. Ever since its discovery, the botnet has held the infamous title of being the largest malware operation on the market. The MyKingz operators focus mainly on Windows systems, where they deploy an array of crypto-mining apps to generate profit from the compromised device's resources.

A Hailstorm of Attacks

MyKingz is known for the sheer diversity of the botnet's infection vectors and internet scamming. If there's some sort of port, vulnerability or exploit, MyKingz has a finger in that pie. The operators of MyKingz make use of everything from Telnet to SSH, MySQL to MS-SQL, to RDP and even rarer ones like WMI or IPC.

Sophos, a UK-based cybersecurity firm, spotted the latest addition to the botnet's ever-expanding modus operandi this month. In the grand scheme of things, this is neither new, significant, nor groundbreaking. The problem isn't that Taylor Swift's image is being used, as mildly amusing as that is; it's that the image is just a drop in a lake of other avenues MyKingz uses for exploitation.

A New Plan

Sophos states that this is one of the MyKingz operators' new experiments in steganography, the practice of hiding a malicious program within an otherwise legitimate file. In this case, all MyKingz is doing is hiding a malicious EXE file within a JPEG image.

By doing so, the operators hope to trick security software on enterprise networks into believing the image is harmless. The security software will only see a JPG file being downloaded to the host system, instead of the far more dangerous EXE file.
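A defender can check what a downloaded "image" actually contains instead of trusting its extension. The sketch below is an added example, not Sophos's detection logic or code from the original report: it assumes the executable sits in the file as plain, unencoded bytes, and the function names and sample data are constructed for illustration.

```python
import struct

def find_embedded_pe(data: bytes) -> list:
    """Return offsets of every structurally valid PE header found in data."""
    hits = []
    pos = data.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(data):
            # e_lfanew at 0x3C of the DOS header holds the PE header offset.
            (e_lfanew,) = struct.unpack_from("<I", data, pos + 0x3C)
            sig = pos + e_lfanew
            # Assumed sanity bound: a genuine DOS stub keeps e_lfanew small.
            if 0x40 <= e_lfanew <= 0x1000 and data[sig:sig + 4] == b"PE\0\0":
                hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits

def inspect_image(data: bytes) -> dict:
    """Flag content that starts like a JPEG yet carries a PE image."""
    is_jpeg = data.startswith(b"\xff\xd8\xff")
    offsets = find_embedded_pe(data)
    return {"is_jpeg": is_jpeg, "pe_offsets": offsets,
            "suspicious": is_jpeg and bool(offsets)}

def sample_jpeg() -> bytes:
    # Constructed sample: SOI, a minimal APP0/JFIF segment, EOI.
    app0 = (b"\xff\xe0" + struct.pack(">H", 16) + b"JFIF\0"
            + b"\x01\x01\x00\x00\x01\x00\x01\x00\x00")
    return b"\xff\xd8" + app0 + b"\xff\xd9"

def sample_pe_stub() -> bytes:
    # Constructed sample: DOS header whose e_lfanew points at "PE\0\0".
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    return dos + b"PE\0\0" + b"\0" * 20

if __name__ == "__main__":
    # A stray "MZ" in image data must not trigger; a real header must.
    clean = sample_jpeg() + b"MZ" + b"A" * 100
    carrier = sample_jpeg() + sample_pe_stub()
    for name, blob in (("clean.jpg", clean), ("carrier.jpg", carrier)):
        print(name, inspect_image(blob))
```

A payload that is encoded or encrypted inside the image will not match this check, so it complements behavioural detection on the host rather than replacing it.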

As stated before, the issue isn’t this picture in question; it’s MyKingz’s sheer ability to be one of the biggest threats to Windows computers and enterprise networks. The botnet has been holding that title for two years, showing no mercy to any system vulnerability.


      A journalist, with experience in web journalism and marketing. Ali holds a master's degree in finance and enjoys writing about cryptocurrencies and fintech. Ali’s work has been published on a number of cryptocurrency publications.