Shellbot Malware Evolves, Shuts Crypto Miners on Infected Devices

Thursday, 02/05/2019 | 10:37 GMT by Arnab Shome
  • The malware is earning $300 per day by crypto jacking.
Shellbot Malware Evolves, Shuts Crypto Miners on Infected Devices
FM

Infamous Cryptojacking malware Shellbot has received an update to shut down crypto miners on the infected computers to utilize more processing power for its mining activities.

The new version of the malware was discovered by the researchers of internet security firm Threat Stack.

The information about the malware was first revealed to the public last February. It is designed to attack Linux-servers connected to the internet with weak passwords using an old-school SSH brute force technique. However, the previous version was only using the available space to mine digital currencies without affecting other running processes.

According to the Boston-based security company, the malware has been updated, which allows it to spread through the network and shut down other crypto miners on infected computers. This allows the malware to free up more processing power for its own crypto mining operation.

“The primary goal of this Shellbot variant is monetary gain through crypto mining and propagating itself to other systems on the internet,” Threat Stack stated in its official blog post. “Given its demonstrated ability and willingness to update functionality after achieving persistence on the target system, however, it is possible that the threat actors could decide to Leverage this malware to exfiltrate, destroy, or ransom sensitive data on critical systems at any time.”

The researchers found the malware on the servers of an US-based company, however, it did not reveal its identity.

An estimation by MoneroHash put the daily earning of Shelllbot at $300, while the monthly profits go around $8000.

Sam Bisbee, chief security officer of the security firm, told TechCrunch: “The threat actors behind this campaign have shown the ability and willingness to update this malware with new functionality after it has gained a foothold on an infected system.”

Rising threats of illegal mining

Crypto jacking has become a concern for the community as the illicit activity soared in recent years. Many popular websites were also found mining crypto on their visitors’ computers without taking permission.

Earlier this year, Finance Magnates reported that a new generation of Trojan horse known Gustuff is targeting Android devices to siphon crypto and fiats from exchanges and wallets.

Infamous Cryptojacking malware Shellbot has received an update to shut down crypto miners on the infected computers to utilize more processing power for its mining activities.

The new version of the malware was discovered by the researchers of internet security firm Threat Stack.

The information about the malware was first revealed to the public last February. It is designed to attack Linux-servers connected to the internet with weak passwords using an old-school SSH brute force technique. However, the previous version was only using the available space to mine digital currencies without affecting other running processes.

According to the Boston-based security company, the malware has been updated, which allows it to spread through the network and shut down other crypto miners on infected computers. This allows the malware to free up more processing power for its own crypto mining operation.

“The primary goal of this Shellbot variant is monetary gain through crypto mining and propagating itself to other systems on the internet,” Threat Stack stated in its official blog post. “Given its demonstrated ability and willingness to update functionality after achieving persistence on the target system, however, it is possible that the threat actors could decide to Leverage this malware to exfiltrate, destroy, or ransom sensitive data on critical systems at any time.”

The researchers found the malware on the servers of an US-based company, however, it did not reveal its identity.

An estimation by MoneroHash put the daily earning of Shelllbot at $300, while the monthly profits go around $8000.

Sam Bisbee, chief security officer of the security firm, told TechCrunch: “The threat actors behind this campaign have shown the ability and willingness to update this malware with new functionality after it has gained a foothold on an infected system.”

Rising threats of illegal mining

Crypto jacking has become a concern for the community as the illicit activity soared in recent years. Many popular websites were also found mining crypto on their visitors’ computers without taking permission.

Earlier this year, Finance Magnates reported that a new generation of Trojan horse known Gustuff is targeting Android devices to siphon crypto and fiats from exchanges and wallets.

About the Author: Arnab Shome
Arnab Shome
  • 6654 Articles
  • 102 Followers
About the Author: Arnab Shome
Arnab is an electronics engineer-turned-financial editor. He entered the industry covering the cryptocurrency market for Finance Magnates and later expanded his reach to forex as well. He is passionate about the changing regulatory landscape on financial markets and keenly follows the disruptions in the industry with new-age technologies.
  • 6654 Articles
  • 102 Followers

More from the Author

CryptoCurrency

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}