French police announced the discovery and closure of a large botnet that was used for covert mining of cryptocurrencies. The botnet totaled 850,000 devices in 140 countries.
It is reported that a significant part of the devices was located in Latin America, but they were controlled from France. Hackers installed a hidden Monero cryptocurrency miner and mined coins on users’ computers using their computing resources.
The virus was discovered by Avast in the spring. To infect devices, attackers sent out emails with a promise of earnings or erotic images. Also, the virus could be “picked up” through an infected USB-drive.
Although the number of infected machines is known, law enforcement agencies do not yet report how much money the hackers were able to earn. It was not possible to catch the attackers themselves, however, it is estimated that they could receive millions of euros.
“In general, we were able to find out where the main server is located, which controlled the network of infected computers. We copied it, launched it at our facilities and simply turned off the virus on infected computers, ”said Jean-Dominique Nollet, Head of the Center for Combating Digital Crimes.
Nolle also emphasized that hackers can easily restore their server and again start mining cryptocurrency on infected computers.
Recall that in early June, Trend Micro cybersecurity experts discovered a new BlackSquid virus miner aimed at covert mining of Monero cryptocurrency on users’ devices.