

Monero malware is stealing user data!



Monero has made a name for itself as a private cryptocurrency. However, even a private cryptocurrency can run into trouble with malware. A new report suggests that Monero is going through significant mining issues, and that these issues are due to malware.

The online security firm Carbon Black was the first to reveal the malware. According to its report, the firm's Threat Analysis Unit found a secondary component in the malware. The report also reveals the name of the malware program: Smominru.

What is Smominru?

According to several reports and sources, Smominru is a robust botnet that affects Windows computers. Back in February 2018, the botnet made its way to 526,000 Windows computers that were connected to a significant Windows server.

Later, experts observed that Smominru delivers a massive variety of malware to vulnerable computers. Smominru is no different from the powerful and popular Mirai DDoS malware, among other trojans. The primary function of the malware is to generate maximum profit for its operators by mining cryptocurrency. The botnet uses already infected Windows computers to mine cryptocurrency.

In 2018, experts said that Smominru had made around $2.3 million through its mining activity. Smominru is currently a massive mining botnet that remains alive and active. The botnet prefers to attack Windows systems using exploits such as EternalBlue and EsteemAudit.

Sometimes, Smominru also targets MSSQL databases on Windows servers and MySQL on Linux servers.

Smominru affected the mining activities of Monero

The experts say that the original malware script has been modified to steal system access information, which may later be sold on the dark web. At the time of writing, the malware has already infected half a million computers.

The researchers also issued a statement after they discovered the malware. The discovery suggests that the maker is developing the malware for a darker purpose. In the long run, the malware will force a change in the way cybersecurity professionals investigate, protect against, and classify threats.

Cybersecurity specialists and analysts across the world came across Smominru in May 2017. In the previous year, several researchers at a security firm said that Smominru had gone to a new level. The report suggests that Smominru is using an exploit from the National Security Agency (NSA).

Furthermore, the researchers said that the exploit has a name: EternalBlue. EternalBlue is used to infect computers with XMR mining malware. Carbon Black found that the malware had undergone significant modifications compared with its previous iterations. The team of analysts also found state-of-the-art, multi-stage malware that was sending metadata back to a network.

After further research, the researchers found that the network is made up of hijacked web servers.



Monero price forecast: XMR going into a tight range



The crypto’s price may rise if there is a bullish breakout. On the other hand, the coin may fall, if it encounters a bearish breakout.

Key Highlights

  • XMR price faces resistance at the $120 supply zone
  • The market of Monero is likely to have a bullish or bearish breakout as it trades in a tight range
  • XMRUSD pair has reached the oversold region of the market, and the crypto’s price is likely to rise

Monero Current Statistics

The current price: $83

Market Capitalization: $1,432,294,240

Trading Volume: $67,483,292

Major supply zones: $100, $110, $120

Major demand zones: $70, $60, $50

Monero price analysis based on August 17 data

On June 23, the crypto’s price tested the $120 price level and was resisted. The market fell to the supply zone of $90. The bulls made another upward move but were resisted at the supply zone of the $110 price level. On July 16, the crypto’s price fell and found support at the demand zone of the $70 price level. This has been the scenario since the crypto’s price fell from the overhead resistance.

XMRUSD-Daily Chart

On August 6, the bulls tested the $100 supply zone but were overpowered. The market fell to the demand zone of the $70 price level. The price of Monero is currently trading in a tight range and may have a bullish or bearish breakout. If the price breaks the supply zone of $90, the crypto’s price will rise and retest the $120 price level. But if the bears manage to break the $70 demand zone, the market will fall to the low of the $50 price level.

Chart Indicators Reading

The Stochastic indicator is in the oversold region but below the 50% range, which indicates that the market is bearish. However, the blue band of the Stochastic indicator is making a U-turn above the 20% range. This suggests that the bearish pressure is being exhausted and the crypto’s price is likely to rise.

At the demand zone, if the bears break the lower trend line and the candlestick closes below it, the crypto’s price is likely to depreciate further. On the other hand, in the supply zone, if the bulls break the upper trend line, the market will resume its bullish trend. The MACD line and the signal line are sloping horizontally, indicating that price is fluctuating.

General Outlook for XMR

The price of Monero is ranging as it reaches the oversold region of the Stochastic indicator. The exponential moving averages tend to slope along with the price action. The cryptocurrency’s price may rise if there is a bullish breakout. On the other hand, the coin may fall if it encounters a bearish breakout.



Monero: The efficiency of the inefficient RandomX



“Monero is dead,” said my colleague when I asked him about last month’s upgrade. When asked why, he replied, “the price has been stagnating for the past couple of months.”

The Price

Although I didn’t really pay much attention to the importance given to the price of cryptocurrencies before, this remark by another journalist got me wondering about how price has truly become one of the key aspects driving the cryptoverse. And why not?

It was the price of Bitcoin that grabbed the attention of the world towards the end of 2017, when the coin reached its ATH. It was a time when millennials became millionaires overnight, which got mainstream media to speak about the “new asset class”. Notably, it was also this boost that captured the attention of AMBcrypto founders, which eventually led to my career as a journalist.

While it’s true that the price has been on the low-low for the fungible cryptocurrency in comparison to its all-time high, it is also true that price is not the only factor that measures a coin’s success rate.

Additionally, Monero’s price has been doing great considering that major exchanges do not have the coin listed and the regulatory hurdles it has been through. The coin has still maintained a stronghold in the top 20, even though it has not been enjoying all the benefits Bitcoin and Ethereum receive.

Price, not a talking point for Monero

Even though price has been a key determinant of the interest one pays to a project, this does not hold true for Monero. If one takes notice, there is barely anyone discussing the price movements of the currency and its valuation. The one factor that drives the entire community is its development that promotes privacy.

Today, Monero developers are undoubtedly one of the few teams in the space that have achieved new heights when compared to others. From implementing Bulletproof technology for RingCT to analyzing the implementation of MimbleWimble, the devs have dipped their feet into all the protocols that execute Monero’s vision of providing better financial privacy to anyone seeking it.

The next big step

With the intention of catching up with the ongoing developments of Monero after the bleak insight I got from my colleague, the first topic that popped up on Monero’s Twitter was, ‘the fourth and final audit of RandomX has been successfully completed.’

The great war against ASIC mining

The Monero community has long been at war against ASIC miners, with the agenda of avoiding centralization. ASIC mining was one of the factors that drew several criticisms for Bitcoin over the years, with people arguing that its network was centralized as the majority of the computational power was in the hands of a few players.

To avoid the same fate as that of Bitcoin, Monero devs have made it a point to constantly upgrade the network, putting ASIC chip producers at the losing end of the game.

So far, Monero has been undergoing an upgrade every six months, with changes being implemented to the network at least twice a year. The last upgrade to its proof-of-work algorithm took place in March 2019, which saw the network upgrading to the CryptoNight R Proof-of-Work algorithm.

However, this constant upgrade seems to be taking a toll on the developers and the network in general, considering that there were concerns related to its sudden hashrate drop. Hence, as a resort against ASIC mining, the dev team is all set for the next big step, RandomX — Randomly generated machine-language programs for a custom virtual machine.


RandomX has been one of the most awaited algorithm upgrades in the Monero community as it not only puts ASIC mining at a disadvantage but also paves the path for an even distribution of computational power. This could be attributed to the fact that RandomX puts CPU mining at an advantage over the rest, even putting GPU miners at a disadvantage to a certain extent. Since the use of CPU is more egalitarian, everyone would have a fair opportunity to participate in the network. Notably, RandomX not only targets ASIC miners but also crypto-mining malware. Since the memory consumption would increase significantly, mining malware would be more detectable than it was before.

Now, how does RandomX achieve everything it promises? The algorithm will be using all components of the core but not all of the chips, including the memory interface of the uncore. Achieving this could be the tricky part for ASIC chip producers, as they would have to develop a chip that would address all queries. Considering that ASIC chips have been efficient so far mainly because they have a single purpose, this would be nearly impossible.

At MoneroKon 2019, Howard Chu, CTO of Symas Corp and one of the people at the forefront of this shift, stated,

“So with RandomX, we want an algorithm that is so inefficient, that uses so much power that we’re using as much as possible of CPU.”

Howard Chu further explained this in an email to AMBCrypto. He said, “a CPU has multiple functional units that can be operating at any given time.” For example:

  • Arithmetic/Logic Unit [ALU] used for performing integer arithmetic, bitwise operations, etc.
  • Floating Point Unit [FPU] used for floating-point arithmetic
  • Memory Load/Store Unit [LSU] for loading data from and storing data to off-chip memory

“These units are all capable of operating simultaneously, but in typical code, only one might get used at a time. The unused units are powered down. The RandomX instruction set is designed such that as much executes in parallel as possible, thus maximizing the power consumption of the CPU.”

However, this does not mean that Monero would be ASIC-immune forever. Technology advances as time passes. When asked about alternatives, such as the SHA-3 algorithm, if ASICs were to catch up, Howard Chu said,

“If ASIC builders discover a way to optimize a chip that is more than 2x as efficient as a good quality CPU, then yes, there have been talks about shifting to an algorithm like SHA-3. The rationale is that SHA-3 was explicitly designed to be easily implemented in hardware, and so no particular manufacturer will have any optimization advantages over any other.”

“From what I’ve seen, this argument is misguided. A quick literature search shows that even after over a decade of experience with SHA-2, researchers are still publishing new ways to optimize it in hardware. And SHA-2 is also a trivially simple algorithm, that has been studied and well understood for many years. The belief that because SHA-3 is simple, adopting it will lead to a commoditized ASIC ecosystem is simply wrong, there will always be different groups with better optimizations over the course of time.”

Earlier this month, the fourth audit of RandomX was successfully completed by Quarkslab. Prior to this, the first three audits were carried out by Trail of Bits, Kudelski Security, and X41 D-Sec. The next steps involved in the shift to RandomX include a review of the results and a vote on whether to integrate the RandomX changes, following which the date and the block height for the algorithm upgrade will be decided, said the CTO of Symas Corp.

“At the moment I expect that we will only choose an activation point for the testnet, and we can settle on the mainnet activation point at a later date.”

To my colleague who thinks Monero is dead, the words of Spock (from Star Trek) come to mind: “The needs of the many outweigh the needs of the few, or the one.” 




Well-known Monero mining malware modified to steal user data



  • Malware program “Smominru” had been modified to “steal system access information for possible sale on the dark web.”
  • This malware has already infected half a million computers.

Monero (XMR), the privacy-oriented cryptocurrency, has been plagued by mining malware issues again. Carbon Black, an online security firm, revealed in a report that its Threat Analysis Unit found “a secondary component” in a well-known malware program called “Smominru.” The malware script had been modified to “steal system access information for possible sale on the dark web.” This malware has already infected half a million computers.

According to the researchers:

“This discovery indicates a bigger trend of commodity malware evolving to mask a darker purpose and will force a change in the way cybersecurity professionals classify, investigate and protect themselves from threats.”

Smominru was initially detected in May 2017 and was also detected in January 2018. Last year, researchers at security firm, Proofpoint, confirmed that Smominru had been using a National Security Agency (NSA) exploit. This exploit, known as EternalBlue, infects computers with XMR mining malware.

Regarding the latest iteration of the malware, Carbon Black discovered the modifications when they found “unusual activity” across several endpoints. They found sophisticated, multi-stage malware that was sending detailed system metadata to a network of hijacked web servers. Back in September 2018, the Monero community members released a blog post condemning all such XMR mining malware attacks:

“[We] condemn this malicious, non-consensual use of equipment to mine (XMR) … The Monero community does not want to sit idly by as victims struggle to understand the impact of mining and ransomware.”

