Major antivirus software supplier Eset has found cyber criminals using YouTube to distribute mining modules to cryptojack Monero.
Slovakian software security firm Eset has uncovered that cyber criminals behind the Stantinko botnet have been distributing a Monero (XMR) cryptocurrency mining module via Youtube.
On Nov. 26, the major antivirus software supplier Eset reported that the Stantinko botnet operators have expanded their criminal reach from click fraud, ad injection, social network fraud and password stealing attacks, into installing crypto malware on victims’ devices using Youtube.
Stantinko botnet has been active since at least 2012
The Stantinko botnet, which has been active since at least 2012 and predominantly targets users in Russia, Ukraine, Belarus and Kazakhstan, reportedly uses YouTube channels to distribute its cryptojacking module, which mines the privacy-focused crypto coin Monero on the CPUs of unsuspecting victims.
This cryptocurrency-stealing malware has reportedly infected around 500,000 devices, and is similar to the recently discovered malicious malware, Dexphot, malware discovered by Microsoft that has already infected more than 80,000 computers.
These crypto-hijacking codes steal processing resources, take over legitimate system processes and disguise the nefarious activity with the ultimate goal of running a crypto miner on the infected devices.
Eset informed YouTube, which reportedly responded by removing all the channels that contained traces of Stantinko’s code.
Malware on Monero’s official website was stealing crypto
In November, Monero’s core development team said that the software available for download on Monero’s official website might have been compromised to steal cryptocurrency. A professional investigator going by the name of Serhack confirmed that the software distributed after the server was compromised was indeed malicious:
“I can confirm that the malicious binary is stealing coins. Roughly 9 hours after I ran the binary a single transaction drained the wallet. I downloaded the build yesterday around 6pm Pacific time.”
Source: , CoinTelegraph
![](https://www.cashtechnews.com/wp-content/uploads/2018/09/cashtechnews.png)
Articles listed with Cash Tech News as the author are either general information, or may have been imported from another website, to bring our readers a rich media experience that encompasses articles that we find interesting, as well as those curated by others.
The views and opinions expressed here are for informational purposes only, and should not be confused with professional financial advice. These opinions are solely those of the author and do not necessarily reflect the views of CashTechNews.com. Every investment and trade involves risk. You should conduct your own research, and contact your professional financial advisor before making any investment.
Corrections, feedback, and ideas should be submitted through the website contact form.