More than half a million devices were impacted by the Smominru botnet mining cryptocurrency, according to research from Proofpoint. The botnet found its legs in the EternalBlue exploit — the same one that was used to spread the WannaCry malware attack.
Smominru has reportedly mined about $3.6 million worth of cryptocurrency for the hacker behind it. The botnet started circulating in May 2017, which is close to the time EternalBlue was leaked from the NSA.
There are about 25 hosts carrying out attacks using EternalBlue to "infect nodes and increase the size of the botnet," according to the report. Most of the nodes, at this point, are on Windows servers. Nodes are the points to which networks connect, and at its peak, Smominru had about 526,000 nodes, according to Proofpoint. The most impacted devices are in Russia, India and Taiwan.
Bitcoin is mined by taking verified transactions and adding them to a blockchain network, which releases new bitcoin. This means that anyone who can get on the internet with sufficient hardware can mine for bitcoin.
Users are free to devise their own method of cryptocurrency using mining software and processing power, according to Kaspersky Lab. Bitcoin is currently the most popular form of cryptocurrency, and because of its increasing presence, hackers are not just attempting to take advantage of the digital currency, but succeeding.
Impacted individuals most likely enabled attackers unknowingly by installing adware programs laced with malicious code that does the mining. The rapid growth of cryptocurrency has coincided with an increase in hacker-based mining. Kaspersky Lab products protected 701,000 users in 2014, and attacked users totalled 1.65 million in the first eight months of last year, according to Kaspersky Lab.
Because the Smominru botnet uses Windows servers, it may impact companies globally, and those companies are most likely unaware of it. The wormability feature of the EternalBlue exploit allows malware to travel quickly, making software patches the most likely and most convenient way to mitigate risk.