Shellbot Malware Evolves, Shuts Crypto Miners on Infected Devices
- The malware is earning $300 per day by crypto jacking.
Infamous Cryptojacking Cryptojacking Cryptojacking is defined as the unauthorized use of an individual’s computer to mine cryptocurrency. Hackers accomplish this feat by through several means.This includes obtaining access via malicious links in an email that loads crypto mining code on the computer, or by infecting a website or online ad with JavaScript code that auto-executes once loaded in the victim’s browser.Consequently, this crypto mining code is able to work out of sight of unsuspecting victims, often without notice. The on Cryptojacking is defined as the unauthorized use of an individual’s computer to mine cryptocurrency. Hackers accomplish this feat by through several means.This includes obtaining access via malicious links in an email that loads crypto mining code on the computer, or by infecting a website or online ad with JavaScript code that auto-executes once loaded in the victim’s browser.Consequently, this crypto mining code is able to work out of sight of unsuspecting victims, often without notice. The on Read this Term malware Shellbot has received an update to shut down crypto miners on the infected computers to utilize more processing power for its mining activities.
The new version of the malware was discovered by the researchers of internet security firm Threat Stack.
The information about the malware was first revealed to the public last February. It is designed to attack Linux-servers connected to the internet with weak passwords using an old-school SSH brute force technique. However, the previous version was only using the available space to mine digital currencies without affecting other running processes.
According to the Boston-based security company, the malware has been updated, which allows it to spread through the network and shut down other crypto miners on infected computers. This allows the malware to free up more processing power for its own crypto mining operation.
“The primary goal of this Shellbot variant is monetary gain through crypto mining and propagating itself to other systems on the internet,” Threat Stack stated in its official blog post. “Given its demonstrated ability and willingness to update functionality after achieving persistence on the target system, however, it is possible that the threat actors could decide to Leverage Leverage In financial trading, leverage is a loan supplied by a broker, which facilitates a trader in being able to control a relatively large amount of money with a significantly lesser initial investment. Leverage therefore allows traders to make a much greater return on investment compared to trading without any leverage. Traders seek to make a profit from movements in financial markets, such as stocks and currencies.Trading without any leverage would greatly diminish the potential rewards, so traders In financial trading, leverage is a loan supplied by a broker, which facilitates a trader in being able to control a relatively large amount of money with a significantly lesser initial investment. Leverage therefore allows traders to make a much greater return on investment compared to trading without any leverage. Traders seek to make a profit from movements in financial markets, such as stocks and currencies.Trading without any leverage would greatly diminish the potential rewards, so traders Read this Term this malware to exfiltrate, destroy, or ransom sensitive data on critical systems at any time.”
The researchers found the malware on the servers of an US-based company, however, it did not reveal its identity.
An estimation by MoneroHash put the daily earning of Shelllbot at $300, while the monthly profits go around $8000.
Sam Bisbee, chief security officer of the security firm, told TechCrunch: “The threat actors behind this campaign have shown the ability and willingness to update this malware with new functionality after it has gained a foothold on an infected system.”
Rising threats of illegal mining
Crypto jacking has become a concern for the community as the illicit activity soared in recent years. Many popular websites were also found mining crypto on their visitors’ computers without taking permission.
Earlier this year, Finance Magnates reported that a new generation of Trojan horse known Gustuff is targeting Android devices to siphon crypto and fiats from exchanges and wallets.
Infamous Cryptojacking Cryptojacking Cryptojacking is defined as the unauthorized use of an individual’s computer to mine cryptocurrency. Hackers accomplish this feat by through several means.This includes obtaining access via malicious links in an email that loads crypto mining code on the computer, or by infecting a website or online ad with JavaScript code that auto-executes once loaded in the victim’s browser.Consequently, this crypto mining code is able to work out of sight of unsuspecting victims, often without notice. The on Cryptojacking is defined as the unauthorized use of an individual’s computer to mine cryptocurrency. Hackers accomplish this feat by through several means.This includes obtaining access via malicious links in an email that loads crypto mining code on the computer, or by infecting a website or online ad with JavaScript code that auto-executes once loaded in the victim’s browser.Consequently, this crypto mining code is able to work out of sight of unsuspecting victims, often without notice. The on Read this Term malware Shellbot has received an update to shut down crypto miners on the infected computers to utilize more processing power for its mining activities.
The new version of the malware was discovered by the researchers of internet security firm Threat Stack.
The information about the malware was first revealed to the public last February. It is designed to attack Linux-servers connected to the internet with weak passwords using an old-school SSH brute force technique. However, the previous version was only using the available space to mine digital currencies without affecting other running processes.
According to the Boston-based security company, the malware has been updated, which allows it to spread through the network and shut down other crypto miners on infected computers. This allows the malware to free up more processing power for its own crypto mining operation.
“The primary goal of this Shellbot variant is monetary gain through crypto mining and propagating itself to other systems on the internet,” Threat Stack stated in its official blog post. “Given its demonstrated ability and willingness to update functionality after achieving persistence on the target system, however, it is possible that the threat actors could decide to Leverage Leverage In financial trading, leverage is a loan supplied by a broker, which facilitates a trader in being able to control a relatively large amount of money with a significantly lesser initial investment. Leverage therefore allows traders to make a much greater return on investment compared to trading without any leverage. Traders seek to make a profit from movements in financial markets, such as stocks and currencies.Trading without any leverage would greatly diminish the potential rewards, so traders In financial trading, leverage is a loan supplied by a broker, which facilitates a trader in being able to control a relatively large amount of money with a significantly lesser initial investment. Leverage therefore allows traders to make a much greater return on investment compared to trading without any leverage. Traders seek to make a profit from movements in financial markets, such as stocks and currencies.Trading without any leverage would greatly diminish the potential rewards, so traders Read this Term this malware to exfiltrate, destroy, or ransom sensitive data on critical systems at any time.”
The researchers found the malware on the servers of an US-based company, however, it did not reveal its identity.
An estimation by MoneroHash put the daily earning of Shelllbot at $300, while the monthly profits go around $8000.
Sam Bisbee, chief security officer of the security firm, told TechCrunch: “The threat actors behind this campaign have shown the ability and willingness to update this malware with new functionality after it has gained a foothold on an infected system.”
Rising threats of illegal mining
Crypto jacking has become a concern for the community as the illicit activity soared in recent years. Many popular websites were also found mining crypto on their visitors’ computers without taking permission.
Earlier this year, Finance Magnates reported that a new generation of Trojan horse known Gustuff is targeting Android devices to siphon crypto and fiats from exchanges and wallets.