Stantinko botnet's monetization strategy shifts to cryptomining

The versatile Stantinko botnet that’s been targeting former Soviet nations since at least 2012 has added a Monero cryptomining module to its arsenal.


Stantinko historically has perpetrated click fraud, ad injections, social network fraud and brute-force password stealing attacks, primarily targeting Russia, Ukraine, Belarus and Kazakhstan. But this latest module, discovered by researchers at ESET, has been a major source of Stantinko’s monetization since at least August 2018, ESET malware analyst Vladislav Hrcka notes in a Nov. 26 company blog post.


Described by ESET as a “highly modified version of the xmr-stak open source cryptominer,” Stantinko’s mining module, dubbed CoinMiner.Stantinko, is so powerful that it can “exhaust most of the resources of the compromised machine.”


CoinMiner.Stantinko is divided into four parts. The main component performs the actual mining, while the remaining parts are designed to, respectively, kill the functionalities of previously installed miners, detect security software, and suspend mining activity if the battery is low or the task manager utility is detected.


Instead of directly communicating ..