This malware infects 4,700 computers a day

It is one of the fastest-expanding pieces of computer malware. Its name: Smominru.

In August 2019, this malware managed to infect more than 90 thousand computers worldwide, around 4,700 computers a day. China, Taiwan, Russia, Brazil and the United States have been the most affected countries, but let's not forget that other countries are not out of reach of this malware.

The largest network that Smominru has attacked is in Italy, with at least 65 servers infected. On average, 85% of infections take place on Windows Server 2008 and Windows 7 systems.

The remaining percentage belongs to Windows Server 2012, Windows XP and Windows Server 2003.

Cybercriminals have used cryptocurrencies for years in underground markets, but in the past year, we have observed that independent coin miners and coin mining modules in existing malware proliferate rapidly.

There are conflicting reports among the research companies about where the botnet operator is. One research company claims that this botnet is based in China, while another says that most of the botnet's IPs operate from a headquarters in the United States.

What does this malware do?

After compromising the system, Smominru creates a new user with administrator privileges and starts downloading malicious files.

The objective is to secretly use infected computers for cryptocurrency mining at the victim's expense, but also to download a series of modules used for espionage, data exfiltration and theft of personal identities and credentials.

Once Smominru manages to gain a foothold, it tries to spread through the network to infect all the systems it can.

Due to the botnet's worm capabilities, any machine infected with Smominru can be a serious threat to a corporate network, and it's not just crypto mining.

The poor security of many networks is also reflected in the fact that one in four victims were reinfected by Smominru. This means that many organizations tried to clean infections but failed to properly close all attack vectors and address the root cause.
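Because Smominru creates a new user with administrator privileges after compromise, one check during or after cleanup is to look for accounts that were created and then added to the local Administrators group shortly afterwards. The following is an added example, not part of the original article: it correlates Windows Security event IDs 4720 and 4732 over constructed sample records, and the field names, host names, account names and the 10-minute window are assumptions.

```python
from datetime import datetime, timedelta

ADMINS_SID = "S-1-5-32-544"      # well-known SID of the local Administrators group
WINDOW = timedelta(minutes=10)   # assumed correlation window; tune per environment

# Constructed sample records with simplified, hypothetical field names.
# 4720 = user account created, 4732 = member added to a local group.
SAMPLE_EVENTS = [
    {"id": 4720, "time": "2019-08-01T02:14:05", "host": "SRV-A", "sid": "S-1-5-21-1-1105", "name": "tmpuser01"},
    {"id": 4732, "time": "2019-08-01T02:14:45", "host": "SRV-A", "sid": "S-1-5-21-1-1105", "group": ADMINS_SID},
    {"id": 4720, "time": "2019-08-01T09:00:00", "host": "SRV-B", "sid": "S-1-5-21-2-1201", "name": "jsmith"},
    {"id": 4732, "time": "2019-08-01T09:00:30", "host": "SRV-B", "sid": "S-1-5-21-2-1201", "group": "S-1-5-32-545"},
    {"id": 4732, "time": "2019-08-01T11:30:00", "host": "SRV-C", "sid": "S-1-5-21-3-1001", "group": ADMINS_SID},
    {"id": 4720, "time": "2019-08-01T12:00:00", "host": "SRV-D", "sid": "S-1-5-21-4-1300", "name": "contractor"},
    {"id": 4732, "time": "2019-08-03T12:00:00", "host": "SRV-D", "sid": "S-1-5-21-4-1300", "group": ADMINS_SID},
]


def find_new_admins(events, window=WINDOW):
    """Return accounts that were created and then added to the local
    Administrators group on the same host within `window`."""
    created = {}   # (host, account SID) -> (creation time, account name)
    hits = []
    for ev in sorted(events, key=lambda e: datetime.fromisoformat(e["time"])):
        when = datetime.fromisoformat(ev["time"])
        key = (ev["host"], ev["sid"])
        if ev["id"] == 4720:
            created[key] = (when, ev["name"])
        elif ev["id"] == 4732 and ev["group"] == ADMINS_SID and key in created:
            made_at, name = created[key]
            if when - made_at <= window:
                hits.append({"host": ev["host"], "account": name,
                             "seconds_to_admin": int((when - made_at).total_seconds())})
    return hits


if __name__ == "__main__":
    for hit in find_new_admins(SAMPLE_EVENTS):
        print(hit)
```

An account that already existed before being promoted (SRV-C in the sample) is outside this correlation and needs a separate review of Administrators group membership.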

How to protect and secure yourself?

According to experts, the best way to protect computers is to regularly update operating systems, as well as to use strong passwords and antivirus software.

Andrea Leal
