IBM Security X-Force researchers studied the botnet activity of a malware variant that is used by cyber crime groups to illegally mine cryptocurrency. Examining two ShellBot botnets that appeared in attacks honeypots caught, the X-Force team was able to infect its own devices and become part of the live botnets, thereby gaining insight into how these botnets were managed internally. This post provides the details on IBM’s research and sheds light on the growing threat of cryptomining botnets to enterprise networks.
While seeing computational resources abused by cryptojacking operations is enough of a problem, the riskier consequence of the infection is that malware begets malware. A seemingly simplistic infection is still a foothold that can result in more sophisticated malware on the network down the line, which may end up exfiltrating data and even installing ransomware to extort the organization later on.
Cryptojacking Is the Name of ShellBot’s Game
With the exponential rise in the value of cryptocurrency, cybercrime endeavors based on these digital coins have been rising as well. Aside from the devastating rise of ransomware attacks, the illegal mining of cryptocurrency on devices one does not own, aka cryptojacking, has become a commercial grade threat used in the hands of lone criminals and organized groups alike. In some cases, cryptojacking operations that keep mining farms processing coins reached the magnitude of a $50 million business for their bot masters.
The ShellBot malware lives within this ecosystem. While it is a rather simple piece of P ..
Support the originator by clicking the read the rest link below.
