Beginning in August of 2017, a new cryptocurrency mining botnet, dubbed Smominru, started propagating via the recently leaked Eternal Blue exploit. Smominru, aka MyKings, is characterized by the targeting of Windows systems using WMI as a file-less persistence mechanism.[1]
As of March 2019, Smominru showed no signs of slowing down. Wapack Labs has identified approximately 316K victims connecting to Smominru infrastructure over a period of 6 days. This report provides a high-level overview of the malware installation as well as details on the Smominru infrastructure and botnet.
To read the full article and find an archive of related reporting, follow this link to READBOARD.
WWW.WAPACKLABS.COM