A recently discovered cryptomining botnet is actively scanning for vulnerable Windows and Linux enterprise servers and infecting them with Monero (XMRig) miner and self-spreader malware payloads. The botnet has been upgraded to use a single binary capable of mining and auto-spreading the malware to other devices. Sysrv-hello is not alone trawling the Internet for free computing power, as other botnets are exploiting and enslaving vulnerable servers to mine for Monero cryptocurrency.
Source: https://www.bleepingcomputer.com/news/security/new-cryptomining-malware-builds-an-army-of-windows-linux-bots/