Cryptocurrencies

Shake it off! Smominru crypto mining botnet spreads using Taylor Swift pics

A powerful botnet that mines crypto on victims’ networks is being spread using pictures of pop superstar Taylor Swift, cybersecurity experts have warned.

The Smominru botnet infects hardware and steals victims’ credentials, installs a Trojan module and a cryptominer, and propagates inside the network.

Now the hackers behind it are using pictures of Swift, who stars in the new Cats film, to spread the bug, according to cybersecurity firm Sophos.

In a blog post, Sophos’ Gabor Szappanos and Andrew Brandt state: “There’s a pretty good chance everyone who reads this story will have had some degree of interaction with a botnet we call MyKings (and others called DarkCloud or Smominru), whether you know it or not.

“For the past couple of years, this botnet has been a persistent source of nuisance-grade opportunistic attacks against the underpatched, low-hanging fruit of the internet. It’s probably knocking at your firewall right now.

“The botnet has begun to experiment with hiding malware payloads in plain sight, storing the file in an image using a process called steganography.

“In this sample image (the Taylor Swift image), a Windows malware executable (identifiable by its characteristic MZ header bytes and text) appears within the image data in a modified .jpg photo of Taylor Swift.

“MyKings’ operators uploaded this innocuous-looking image file to a public repository and then used it to deliver an update to the botnet.”

The botnet has spread throughout the world

During August, the Smominru botnet infected 90,000 machines around the world, with an infection rate of 4,700 machines per day. Countries with several thousands of infected machines include China, Taiwan, Russia, Brazil, and the US.

As the attacks were untargeted and did not discriminate against industries or targets, they reached victims in various sectors. The largest network belongs to a healthcare provider in Italy with a total of 65 infected hosts.

“Unfortunately, this demonstrates that while many companies spend money on expensive hardware, they are not taking basic security measures, such as patching their running operating system,” the report added.

 

Sam Webb

Sam has nearly two decades of reporting experience and has previously worked for The Mail, The Sun, The Mirror, The Daily Star and numerous trade publications. As a freelancer, he has had stories picked up by media outlets throughout the world including Fox News, The Times and News.com.au. He focuses on foreign news and is keenly interested in how crypto is used by criminals and terrorists.

Disqus Comments Loading...

Recent Posts

Zircuit Launches ZRC Token: Pioneering the Next Era of Decentralized Finance

George Town, Grand Cayman, 22nd November 2024, Chainwire

43 mins ago

The surge of Bitcoin NFTs: Everything you should know about Bitcoin ordinals

From digital art to real-estate assets, NFTs have become a significant attraction for investors who…

4 weeks ago

MEXC Partners with Aptos to Launch Events Featuring a 1.5 Million USDT Prize Pool

Singapore, Singapore, 21st October 2024, Chainwire

1 month ago