Over 500,000 Windows Machines Infected with Monero Mining Software

Michael Hill

More than 526,000 Windows hosts – mostly Windows servers – have been infected by a Monero miner known as Smominru, according to researchers at Proofpoint.

In a blog on its website Proofpoint, having been monitoring the miner since the end of May 2017, explained that it spreads using the EternalBlue exploit (CVE-2017-0144), and whilst Smominru has been well-documented, its use of Windows Management Infrastructure is unusual for coin mining malware.

To read the entire article, please click here.

Source: https://www.infosecurity-magazine.com/