While many have come up with ways to help improve security while online, Smominru, a popular computer virus that mines Monero, has reportedly been doing some upgrading of its own.
Earlier this week, cybersecurity company Carbon Black published a blog post in which it detailed how its Threat Analysis Unit found what appeared to be a secondary component of the crypto mining malware. In the report, Carbon Black revealed that the malware has been upgraded significantly, and is now able to “also steal system access information for possible sale on the dark web.”
The update is reportedly a part of a broader trend in the development of malware; one which could prove to be immune to some of the most advanced security infrastructure on the market today. In part, the report noted, “This discovery indicates a bigger trend of commodity malware evolving to mask a darker purpose and will force a change in the way cybersecurity professionals classify, investigate and protect themselves from threats.”
Researchers believe that the development of this mining trend will still have some far-reaching implications for the crypto and cybersecurity spaces.
The report did show that while Smominru has been able to evolve, its objective remains the same: it gets into the inner mechanics of a computer and uses its processing power to mine Monero and send the asset to the hackers' cryptocurrency exchange accounts. However, what is especially new is its ability to perform “access mining,” as it can now steal personal information (including access credentials) from the infected machines as well.
The development of this malware is coming at a time when cryptocurrencies are facing a bit of a volatile period. With Bitcoin trading close to its all-time high levels and other altcoins doing pretty well, many have continued to clamor for broader adoption.
However, increased security risks like these would undoubtedly make governments somewhat skeptical about the prospect of giving the regulatory green light. Security has always been a major stumbling block to the acceptance of crypto assets within the wider regulatory framework, and if these issues aren’t solved, more problems await crypto in the future.
In a separate report, Carbon Black revealed that with access mining, hackers have been able to earn some additional income from affected computers.
The report showed that up to 500,000 machines had been attacked with XMRig, a cryptojacking protocol, with up to 8,900 XMR being collected. Most of the infected machines were said to be located in Eastern Europe and the Asia Pacific region.
The report states that, unbeknownst to anyone at the time, the computers weren’t only hacked with a ghost protocol but with the data collection malware as well, a patchwork of programs taken from open source code on GitHub and implemented on XMRig.
The hackers were able to use the data to earn even more money without hacking funds from cryptocurrency exchanges. The report showed that an infected machine could sell for about $6.75 on the Dark Web, which makes the haul of 500,000 machines quite a pretty penny. Infected computers can reportedly also be rented for 1 or 2 days. Depending on the location or owner of the devices, their values could skyrocket as well.
Carbon Black revealed that at a price of $90 per XMR, the hacking group behind this attack could have up to $3.3 million in assets.