Shellbot Malware Evolves, Shuts Crypto Miners on Infected Devices

Infamous crypto jacking malware Shellbot has received an update to shut down crypto miners on the infected computers to utilize more processing power for its mining activities.
The new version of the malware was discovered by the researchers of internet security firm Threat Stack.

The information about the malware was first revealed to the public last February. It is designed to attack the Linux-servers connected to the internet with weak passwords using an old-school SSH brute force technique. However, the previous version was only using the available space to mine digital currencies without affecting the other running processes.
According to the Boston-based security company, the malware has been updated, which allows it to spread through the network and shut down other crypto miners on infected computers. This allows the malware to free up more processing power for its own .
“The primary goal of this Shellbot variant is monetary gain through crypto mining and propagating itself to other systems on the internet,” Threat Stack stated in its official blog post. “Given its demonstrated ability and willingness to update functionality after achieving persistence on the target system, however, it is possible that the threat actors could decide to leverage this malware to exfiltrate, destroy, or ransom sensitive data on critical systems at any time.”
The researchers found the malware on the servers of an US-based company, however, it did not reveal its identity.
An estimation by MoneroHash put the daily earning of Shelllbot at $300, while the monthly profits go around $8000.
Sam Bisbee, chief security officer of the security firm, told TechCrunch: “The threat actors behind this campaign have shown the ability and willingness to update this malware with new functionality after it has gained a foothold on an infected system.”
Rising threats of illegal mining
Crypto jacking has become a concern for the community as the. Many popular websites were also found mining crypto on their visitors’ computers without taking permission.
Earlier this year, that a new generation of Trojan horse known Gustuff is targeting Android devices to siphon crypto and fiats from exchanges and wallets.

Be First to Comment

Leave a Reply

Your email address will not be published. Required fields are marked *