Ngrbot steals information and mine Bitcoins

From Botnets.fr
Jump to navigation Jump to search

(Publication) Google search: [1]

Ngrbot steals information and mine Bitcoins
Botnet Dorkbot, Ngrbot
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol HTTP
Date 2011 / 18 novembre 2011
Editor/Conference SonicWALL
Link https://www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=391 www.mysonicwall.com (www.mysonicwall.com Archive copy)
Author SonicWALL UTM research team
Type

Abstract

SonicWALL UTM Research team discovered Ngrbot spreading in the wild. The bot steals user information and spreads though malicious links, removable drives, instant messengers and social networks. After initial infection, it downloads additional modules including a Bitcoin mining module. Bitcoin is a form of digital currency and one way of obtaining them is by mining. Mining for Bitcoins is a very computationally expensive process involving lots of hashing, making it time consuming and impractical to mine on a personal computer. The creators of this botnet have found a lucrative alternative to generating Bitcoins by leveraging the CPU cycles of infected machines.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2011BFR894,
   editor = {SonicWALL},
   author = {SonicWALL UTM research team},
   title = {Ngrbot steals information and mine Bitcoins},
   date = {Error: Invalid time.},
   month = Error: Invalid time.,
   year = {2011},
   howpublished = {\url{https://www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=391 www.mysonicwall.com}},
 }