Xbooster Crypto-Mining Malware Found Hidden in Amazon Cloud (AWS)


Expert hackers have been hijacking computers to illegally mine crypto assets for a while now. Recently, one malware program has been discovered which is lurking on Amazon’s cloud to exploit the processing power of a large number of ordinary computers.

So far, the “Xbooster” malware has infected instruments using Windows OS to yield approximately $100,000 worth of monero, according to Krishna Narayanaswamy, founder and chief scientist of Netskope. Hackers are pirating computers to mine monero, which is more difficult to track than bitcoin, because it’s in the “sweet spot” of the amount of processing power required and the monetary benefit from doing so.

How Xbooster Affect Computers?

The Xbooster malware is hosted in the cloud on Amazon Web Services (AWS), according to Netskope. From there, a command-and-control server installs two programs on infected machines which is a monero miner and a manager that connects to the server. People accidentally install this malware on their computers by clicking a link in a “drive-by download.” This usually happens through an email campaign, a compromised website that shows up in search results, or the malware may be bundled with other types of programs like freeware or shareware.

Netskope indicated that the Xbooster malware is hosted in the cloud on Amazon Web Services (AWS) which helps a command-and-control server to install two programs on compromised machines. These programs include a manager that connects to the server and Monero miner. To avoid detection, the command-and-control module residing on AWS keeps the infected computer’s CPU usage low enough that its owner is unlikely to notice.

An AWS spokesperson said,

“AWS employs a number of mitigation techniques, both manual and automated, to prevent the misuse of the services. We have automatic systems in place that detect and block many attacks before they leave our infrastructure. Our terms of usage are clear and when we find misuse we take action quickly and shut it down.”

Netspoke has acknowledged that the hackers’ names and locations are not yet identified but the threat is ongoing and difficult to detect as the amount of money generated by the malware for its owners is somewhat dampened.

Get Daily Headlines

Enter Best Email to Get Trending Crypto News & Bitcoin Market Updates

What to Know More?

Join Our Telegram Group to Receive Live Updates on The Latest Blockchain & Crypto News From Your Favorite Projects

Join Our Telegram

Stay Up to Date!

Join us on Twitter to Get The Latest Trading Signals, Blockchain News, and Daily Communication with Crypto Users!

Join Our Twitter

Add comment

E-mail is already registered on the site. Please use the Login form or enter another.

You entered an incorrect username or password

Sorry, you must be logged in to post a comment.
Bitcoin Exchange Guide