Thursday , January 28 2021

This cryptocurrency mining botnet uses Taylor Swift pics to propagate itself

TNW uses cookies to personalize content and ads to
make our site easier for you to use.
We do also share that information with third parties for
advertising & analytics.

Powered by

Blockchain, cryptocurrencies, and insider stories by TNW.

A cryptocurrency-mining botnet is infecting computers with an image of Taylor Swift to spread its malware as widely as possible.

The operators of MyKingz, otherwise known as Smominru, DarkCloud, or Hexmen, are leveraging steganography, a technique that enables them to hide malicious files inside legitimate ones, according to UK cybersecurity firm Sophos.

Taylor Swift cryptocurrency

In this instance, they are hiding a malicious EXE inside a legitimate JPEG image of Swift.

“There’s a pretty good chance everyone who reads this story will have had some degree of interaction with a botnet we call MyKings (and others call DarkCloud or Smominru), whether you know it or not. For the past couple of years, this botnet has been a persistent source of nuisance-grade opportunistic attacks against the underpatched, low-hanging fruit of the internet. It’s probably knocking at your firewall right now. They certainly wouldn’t be the first,” Sophos warned.

MyKingz was first spotted in the wild in 2017. It is now credited with being one of the largest cryptocurrency-mining malware available.

The malware primarily focuses on Windows systems and features one of the most sophisticated scanning and infection mechanisms observed in botnets. It targets practically everything, including MySQL, MS-SQL, Telnet, ssh, IPC, WMI, Remote Desktop (RDP), and even the servers that run CCTV camera storage.

During its first months, MyKingz reportedly infected over 525,000 Windows systems, netting more than $2.3 million worth of Monero (XMR).

The countries with the highest population of infected hosts include: China, Taiwan, Russia, Brazil, USA, India, and Japan.

It’s estimated that MyKingz infects approximately 4,700 new systems every day. The botnet‘s current income is about $300 per day, mostly due to a drop in Monero‘s exchange rate, Sophos added.

Published December 19, 2019 — 09:21 UTC

Thank you!

Copyright © 2006—2019.
All rights reserved.
Made with in Amsterdam.

This Article was first published on

About IT News Ug

Check Also

Airbnb to be bigger than eBay after its long-awaited IPO

TNW uses cookies to personalize content and ads to make our site easier for you …

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.