A previously undetected botnet called “Prometei” is targeting vulnerable Microsoft Windows devices by brute-forcing SMB vulnerabilities to mine monero cryptocurrency. The operation has only generated just under $5,000 in profits during its four-month run, Cisco Talos researchers say. In addition to cryptomining, the researchers found the botnet is capable of stealing administrative credentials and is armed with advanced security evasion techniques. The botnet has two modules that work together to plant a cryptominer within an infected device.”]
Source: https://www.bankinfosecurity.com/cyptomining-botnet-exploits-windows-smb-vulnerabilities-a-14696