Taylor swift

A Crypto-Mining Botnet Uses Taylor Swift’s Image To Hide Malware Files

Last Updated: December 20, 2019By

A cryptocurrency-mining botnet is affecting computers with an image of Taylor Swift to expand its malware as extensively as possible.

The operators of MyKingz, contrarily identified as ‘Smominru,’ ‘DarkCloud,’ or ‘Hexmen,’ are leveraging steganography, a method that allows them to store malicious files inside authentic ones, according to U.K. cybersecurity firm Sophos.

The objective of using this method is to deceive security software working on enterprise networks. These security products will only see a host system downloading a banal JPEG file, instead of a much dangerous E.X.E. file. In this case, they are storing a malicious E.X.E. inside a legitimate JPEG picture of Swift.

“There’s a pretty good chance everyone who reads this story will have had some degree of interaction with a botnet we call MyKings (and others call DarkCloud or Smominru), whether you know it or not.

For the past couple of years, this botnet has been a constant source of nuisance-grade opportunistic attacks against the under patched, low-hanging fruit of the internet. It’s probably knocking at your firewall right now. They certainly wouldn’t be the first,” Sophos informed.

MyKingz was first found in the wild in 2017. It is now charged with being one of the most massive cryptocurrency-mining malware possible.

The malware principally concentrates on Windows systems, where they deploy various cryptocurrency-mining apps, which they use to generate profits by an infected device’s resources. It highlights one of the most advanced scanning and infection mechanisms recognized in botnets. It targets almost everything, including Telnet, MySQL, W.M.I., MS-SQL, ssh, I.P.C., Remote Desktop (RDP), and even the servers that manage CCTV camera storage.

During its initial months, MyKingz reportedly tainted over 525,000 Windows systems, profiting more than $2.3 million worth of Monero (X.M.R.).

The nations with the highest population of infected hosts include Russia, China, Brazil, Taiwan, U.S.A., Japan, and India.

It’s expected that MyKingz affects about 4,700 new systems every day. The botnet’s comprehensive income is about $300 per day, mainly due to a reduction in Monero’s exchange rate, Sophos added.

Stay informed with daily updates from Blockchain Magazine on Google News. Click here to follow us and mark as favorite: [Blockchain Magazine on Google News].

Gif;base64,r0lgodlhaqabaaaaach5baekaaealaaaaaabaaeaaaictaeaow==

Get Blockchain Insights In Inbox

Stay ahead of the curve with expert analysis and market updates.

Disclaimer: Any post shared by a third-party agency are sponsored and Blockchain Magazine has no views on any such posts. The views and opinions expressed in this post are those of the clients and do not necessarily reflect the official policy or position of Blockchain Magazine. The information provided in this post is for informational purposes only and should not be considered as financial, investment, or professional advice. Blockchain Magazine does not endorse or promote any specific products, services, or companies mentioned in this posts. Readers are encouraged to conduct their own research and consult with a qualified professional before making any financial decisions.

About the Author: Editor's Desk

Avatar