Prometei Botnet was first discovered in July 2020, but new evidence shows it was seen in the wild as far back as 2016. The main objective of Prometi is to install the Monero miner component on as many endpoints as it can. The latest versions of the botnet provide the attackers with a sophisticated and stealthy backdoor that supports a wide range of tasks that make mining Monero coins the least of the victims’ concerns. It is assessed that the Prometani group is financially motivated and operated by Russian-speaking individuals but is not backed by a nation-state.”]