Research: Monero Mining Botnet Collects Data For Resale

A report released today by a cyber security company Carbon Black says the infamous Monero mining botnet has an additional component that can capture IP addresses, domain information, usernames and passwords. Carbon Black researchers claim that during the active phase of the campaign, the botnet collected a huge amount of secret data over the past two years.

According to report, 500,000 machines were infected with trojans using the XMRig protocol, collecting 8900 Monero in the process. Most of the infected machines were in Russia, Eastern Europe and the Asia-Pacific region.

The report said that many patches from open source on GitHub helped hackers turn data into a secondary source of income. One infected machine sells an average of $6.75 on darknet; 500,000 devices cost about $1.69 million. Infected machines can be rented for 24–48 hours as a source of passive income. Thus, with a coin price of about $ 90, the group’s assets are estimated at about $3.29 million worth.

Image courtesy of Unkrypted