A massive cryptocurrency mining botnet has generated as much as $3.6 million dollars’ worth of the digital coin known as Monero since last May, a researcher said Wednesday. The windfall isn’t the only noteworthy thing about the botnet. Dubbed Smominru, it’s also significant for the 526,000 computers it has infected and for the ability of its operators to withstand takedown attempts by whitehats.
“As Bitcoin has become prohibitively resource-intensive to mine outside of dedicated mining farms, interest in Monero has increased dramatically,” a researcher, who uses the pseudonym Kafeine, wrote in a blog post published by security firm Proofpoint. “While Monero can no longer be mined effectively on desktop computers, a distributed botnet like that described here can prove quite lucrative for its operators.”
Like cryptocurrency mining botnets known as Adylkuzz and Zealot, Smominru appropriates potent exploit code developed by the National Security Agency and later published online by a group calling itself the Shadow Brokers.