Smominru malware, used for Monero mining (XMR), has been modified to steal personal data.
Cybersecurity company Carbon Black has released a report claiming it “discovered a secondary component in a well-known cryptocurrency campaign.”
According to the company, the malware has been updated to “steal system access information for a possible sale on the dark web.” Apparently, the update is part of a broader trend of malware development.
“This finding indicates a trend in malware evolution to mask a wider purpose. This will force a change in how cybersecurity professionals classify, investigate, and protect against threats. “
500 million infected computers
Smominru had infected more than 526,000 computers in January 2019, according to a report published by The Hacker News. This is a new global botnet based on EternalBlue virus to spread Monero mining malware.
The change in the operating mode of the program was first discovered during an anomalous behavior investigation.
Researchers at Carbon Blakc have discovered
“Sophisticated, multi-step malware that sent detailed system metadata to a network of hijacked web servers.”
Last week, cybersecurity company analysts Zscaler ThreatLabZ found a new type of Trojan targeting cryptocurrency users.
In a blog post published on August 8, the company explained that this is a new remote access trojan (RAT). It is capable of taking over the administrative control of the computer in question. This allows you to retrieve your browser history and search for activities involving cryptocurrencies, credit cards, business, social media and more.