Shellbot Malware Evolves, Shuts Crypto Miners on Infected Devices


Infamous crypto jacking malware Shellbot has received an update to shut down crypto miners on the infected computers to utilize more processing power for its mining activities.

The new version of the malware was discovered by the researchers of internet security firm Threat Stack.

Discover Barcelona Trading Conference – A Top Tier Crypto Trading Event

The information about the malware was first revealed to the public last February. It is designed to attack Linux-servers connected to the internet with weak passwords using an old-school SSH brute force technique. However, the previous version was only using the available space to mine digital currencies without affecting other running processes.

According to the Boston-based security company, the malware has been updated, which allows it to spread through the network and shut down other crypto miners on infected computers. This allows the malware to free up more processing power for its own crypto mining operation.

“The primary goal of this Shellbot variant is monetary gain through crypto mining and propagating itself to other systems on the internet,” Threat Stack stated in its official blog post. “Given its demonstrated ability and willingness to update functionality after achieving persistence on the target system, however, it is possible that the threat actors could decide to leverage this malware to exfiltrate, destroy, or ransom sensitive data on critical systems at any time.”

The researchers found the malware on the servers of an US-based company, however, it did not reveal its identity.

An estimation by MoneroHash put the daily earning of Shelllbot at $300, while the monthly profits go around $8000.

Sam Bisbee, chief security officer of the security firm, told TechCrunch: “The threat actors behind this campaign have shown the ability and willingness to update this malware with new functionality after it has gained a foothold on an infected system.”

Rising threats of illegal mining

Crypto jacking has become a concern for the community as the illicit activity soared in recent years. Many popular websites were also found mining crypto on their visitors’ computers without taking permission.

Earlier this year, Finance Magnates reported that a new generation of Trojan horse known Gustuff is targeting Android devices to siphon crypto and fiats from exchanges and wallets.

Leave a Reply

Your email address will not be published. Required fields are marked *

You May Also Like