Botnet Strikes Cryptocurrency Mining Rigs

A botnet that'due south been infecting net routers has a new target: machines mining the cryptocurrency Ethereum.

Since Jan. eight, the botnet has been scanning the cyberspace for Windows systems running the Claymore mining software, and tampering with them, co-ordinate to security researchers at Qihoo 360 Netlab.

SecurityWatch The malware, known as Satori, was originally spotted a month agone targeting vulnerabilities in routers from Huawei and D-Link. All the same, the hacker behind the malware has retooled it to also attack a vulnerability in the Claymore mining software, Netlab said in a Wednesday web log post.

By exploiting the flaw, the botnet can supplant the digital wallet to which the Claymore software mines Ethereum with a hacker-controlled address. It isn't clear how many mining rigs the botnet has hijacked. But since the attacks began, the botnet has managed to mine a single coin, which is worth near $1,000.

The botnet is amid the latest hacking schemes capitalizing on the cryptocurrency craze. Others have focused on hijacking websites and Google Chrome browser extensions to secretly mine the digital currency Monero.

In regards to the Satori botnet, the hacker behind scheme is leaving a bulletin on the mining rigs hit, according to Netlab. "Satori dev here, don't exist alarmed about this bot it does not currently take any malicious packeting purposes move forth. I can be contacted at curtain@riseup.internet," the message reads.

The vulnerability in the Claymore software was actually office of a feature for remote monitoring of the Ethereum mining. The flaw appears to have been patched in version 10.two of the software.