Author

Topic: VictoryGate: A malicous mining botnet (Read 52 times)

member
Activity: 532
Merit: 36
There is gold in volatility..
April 28, 2020, 10:25:27 AM
#2
Botnet being one of the tools of cyber criminal to attack and steal invaluable information, it has to be taken seriously.
Imagine an address that contain 10btc is attacked by a malware or a botnet.

I hereby suggest that the forum should provide some recommendations on how to protect one's crypto information from the attack of this malwares.
legendary
Activity: 3080
Merit: 1353
April 28, 2020, 05:54:38 AM
#1
Quote

ESET researchers recently discovered a previously undocumented botnet that we have named VictoryGate. It has been active since at least May 2019 and, since then, three different variants of the initial module have been identified, in addition to approximately 10 secondary payloads that are downloaded from file hosting websites. The initial module is detected by ESET security products as MSIL/VictoryGate.

This botnet is composed mainly of devices in Latin America, specifically Peru, where over 90% of the compromised devices are located. We’ve been actively sinkholing several command and control (C&C) domains, allowing us to monitor this botnet’s activity. The combination of the sinkhole data and our telemetry data allows us to estimate the botnet’s size to be at least 35,000 devices.



So it looks like this botnet is specifically targeting Latin America, the good news is that it has been taken down partially, the bad news is that other machines may have compromise and could be used not just to mine Monero, but it could have release different payloads and possible that it can and will steal crypto information.

Eset recommended to used their online tool: https://www.eset.com/int/home/online-scanner/

So if you're in Latin American so may want to scan your machine specially if you have felt some basic symptoms like your PC is slowing down or some lagging executions.

Source
Jump to: