[ad_1]
VictoryGate, the botnet that comes with a pendrive
As we know, one of the threats that are present on the Internet are botnets. They can put our devices at risk. Basically they are a bot set They run automatically and allow control of devices remotely. Our devices may belong to that botnet.
We have seen many types of botnets that have put users’ security at risk. However, not all of them are the same. Especially the way in which they infect can vary. Today we are talking about VictoryGate, which is a new botnet that they have discovered and that has the peculiarity of infecting users through a pen drive.
This botnet called VictoryGate has been discovered by a group of security researchers from ESET. They have indicated that it has affected at least 35,000 computers with the Windows operating system. This botnet can be used to secretly mine the Monero cryptocurrency.
We already know that cryptocurrency miners They represent one of the threats present in the network and that has grown the most in recent years. They can put our teams at risk, as they use the resources available to achieve their goal. This can affect the performance of the systems and also cause hardware problems.
The botnet has been active for several months
Security researchers have indicated that this botnet has been active for months. It has attacked both private users and public institutions. Its main objective, as we have mentioned, is to mine cryptocurrencies. From ESET they have indicated that they have been working with the DNS provider No-IP to eliminate the malicious servers.
The same ESET security researchers have indicated that the VictoryGate botnet It spreads via removable devices like USB drives which, when connected to the victim machine, installs a malicious load on the system.
This module also communicates with a server and may receive a secondary load that injects arbitrary code into legitimate Windows processes. This includes malicious software to mine monero.
They have indicated that usb drives that are used as a propagation vector, there may be new infections in the future. Of course, they ensure that much of the infrastructure has already been disabled and therefore could not receive secondary charges. However those who were previously compromised could still mine Monero.
In short, we are facing a threat that can be distributed through a simple pendrive. We have already seen that the way malware spreads can be very different.
We leave you an article with tips to avoid malware.
