XMR Cryptojacking Malware Smominru Updated, Now Targeting User Data

The Smominru malware mines Monero (XMR) on at least half a million infected computers and now also steals sensitive personal data.

An updated malware

Cybersecurity company Carbon Black claimed that its Threat Analysis Unit “uncovered a secondary component in a well-known cryptomining campaign” in a report published on Aug. 7. According to the firm, the malware has now been updated to “also steal system access information for possible sale on the dark web.” Per the report, the update is part of a broader trend in malware development:

“This discovery indicates a bigger trend of commodity malware evolving to mask a darker purpose and will force a change in the way cybersecurity professionals classify, investigate and protect themselves from threats.”

The change in the malware was first discovered during an investigation into anomalous behavior seen across a handful of endpoints. While investigating, the researchers found “sophisticated, multi-stage malware that was sending detailed system metadata to a network of hijacked web servers.”

Far-reaching implications

According to the researchers, this trend will have far-reaching implications for the cybersecurity space. More precisely, according to the report, it will “catalyze a change in the way cybersecurity professionals classify, investigate and protect themselves from threats.”

As Cointelegraph reported yesterday, computer analysts at cybersecurity firm Zscaler ThreatLabZ have found a new type of trojan that targets cryptocurrency users.

Cointelegraph first reported the discovery of Smominru in February of 2018, though the malware had allegedly been infecting computers since May 2017.
