According to ZDNet, an advanced form of cryptojacking malware called Smominru has managed to infiltrate more than half a million computers to stealthily mine Monero, the most popular privacy coin.
To top that off, the malicious software is also able to harvest the victims’ access data, which marks another step in the evolution of illicit mining.
Cryptojacking and data theft
At first glance, Smominru's modus operandi isn't different from that of a plethora of other cryptojacking operations. After successfully compromising a machine, the bad actors use its CPU power to mine Monero and then transfer the XMR to their wallets.
However, the malware also boasts a data-harvesting module that steals information which could later be sold on an access marketplace. The Carbon Black researchers, who were cited by ZDNet, assume that the hackers could profit from selling access to hijacked systems on the dark web.
Based on the specific system details they gathered, it is plausible this information could be sold on an access marketplace, allowing for remote access into these systems for use as zombies in large-scale attacks or to execute targeted attacks on specific hosts at specific companies.
The darling of hackers
As reported by U.Today, illicit mining is responsible for more than four percent of Monero's total circulating supply. The top altcoin is known for its ASIC resistance, which means that it can be mined with the help of 'good old' CPUs and GPUs. The Smominru hackers used a custom version of XMRig for that purpose.