Ngrbot steals information and mine Bitcoins
Jump to navigation
Jump to search
(Publication) Google search: [1]
Ngrbot steals information and mine Bitcoins | |
---|---|
Botnet | Dorkbot, Ngrbot |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | HTTP |
Date | 2011 / 18 novembre 2011 |
Editor/Conference | SonicWALL |
Link | https://www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=391 www.mysonicwall.com (www.mysonicwall.com Archive copy) |
Author | SonicWALL UTM research team |
Type |
Abstract
“ SonicWALL UTM Research team discovered Ngrbot spreading in the wild. The bot steals user information and spreads though malicious links, removable drives, instant messengers and social networks. After initial infection, it downloads additional modules including a Bitcoin mining module. Bitcoin is a form of digital currency and one way of obtaining them is by mining. Mining for Bitcoins is a very computationally expensive process involving lots of hashing, making it time consuming and impractical to mine on a personal computer. The creators of this botnet have found a lucrative alternative to generating Bitcoins by leveraging the CPU cycles of infected machines.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2011BFR894, editor = {SonicWALL}, author = {SonicWALL UTM research team}, title = {Ngrbot steals information and mine Bitcoins}, date = {Error: Invalid time.}, month = Error: Invalid time., year = {2011}, howpublished = {\url{https://www.mysonicwall.com/sonicalert/searchresults.aspx?ev=article&id=391 www.mysonicwall.com}}, }