Michael Hill
More than 526,000 Windows hosts – mostly Windows servers – have been infected by a Monero miner known as Smominru, according to researchers at Proofpoint.
In a blog on its website Proofpoint, having been monitoring the miner since the end of May 2017, explained that it spreads using the EternalBlue exploit (CVE-2017-0144), and whilst Smominru has been well-documented, its use of Windows Management Infrastructure is unusual for coin mining malware.
To read the entire article, please click here.
Source: https://www.infosecurity-magazine.com/
