Cybersecurity in the age of cryptocurrencies must be taken seriously. The sheer processing power needed to mine cryptocurrencies and the increasing value of various digital currencies have led hackers and cybercriminals to exploit the processing power of insecure IT infrastructure. A malware developer, allegedly based in China, was recently found to be operating a botnet going by the name “Bondnet” after compromising over 15,000 Windows servers.
According to reports, the malware creator “Bond007.01” is using the botnet to mine various cryptocurrencies. The Bondnet botnet was discovered by security researchers at the cyber-security firm GuardiCore. Their report on the newly found botnet states that Bondnet has been operational since December 2016, earning a small fortune daily in the process.
Even though Bondnet has been actively mining a variety of cryptocurrencies, its focus seems to be on Monero, a CryptoNote-based digital currency known for its anonymity. The infected Windows servers that are part of the botnet include those belonging to various global companies, universities, local government bodies and even public institutions. It is estimated that the person(s) behind Bondnet have been earning about $1000 or upwards of $25000 a month by harnessing the processing power of compromised servers.
Bondnet makes use of a variety of known exploits, both old and new, to install a Windows Management Interface trojan. The trojan acts as a link between the command-and-control server and the infected server, giving Bond007.01 complete control. However, the operator of Bondnet doesn’t seem to be interested in the data, as he/she hasn’t attempted to hold it for ransom. GuardiCore believes that the campaign is purely financially motivated, since a sustained mining operation could yield more returns than a one-time ransom demand.
The botnet is constantly expanding, with about 500 new servers being added to it daily. The attack has left many owners shortchanged due to increased power consumption, with bills going up by anywhere between $1000 – $2000 per month.
To prevent such incidents, businesses and server owners should frequently monitor the performance of their IT infrastructure and keep their software updated to the latest versions. Whenever there is any discrepancy in performance, they should conduct a thorough investigation to find the cause and take the necessary steps to mitigate the issue.
Ref: WCCF Tech | Image: NewsBTC