Research: $160 Malware Botnet Tries to Steal Crypto From 72,000 Devices

Around 72,000 devices in 2019 alone were infected during a suspiciously cheap yet successful malware campaign to steal cryptocurrency, new data warns.

MasterMana continues to spread. According to the research report published by cyberintelligence company Prevailion on Oct. 2, the MasterMana botnet uses budget Russian malware that is delivered as a Trojan via a phishing email scam.

The malware itself likely costs just $100, though the hackers also required a virtual public server at a cost of $60. Despite costing just around $160 in total, MasterMana achieved considerable success, Prevailion warned, concluding that the bad actors behind it reached 2,000 devices each week since December 2018.

"This campaign's threat actors saw an opportunity and appear to have carved out a nice niche for themselves. We suspect that this particular threat actor is likely to continue operations, as previous public reporting has not deterred them, therefore we wanted to highlight their new modus operandi, so that network defenders may more easily identify their operations."

The malware works by arriving as an infected document in a phishing email.

If a user opens the document, it would trigger a series of events which would create backdoors to steal any cryptocurrency holdings in associated hot wallets.

The resurgence in the price of cryptocurrencies this year has led to new threats being detected on an almost weekly basis.

Just last week, cybersecurity experts warned about a new spyware which used encrypted messenger Telegram to replace user wallet addresses with its own.

Recently, major Slovakia-based antivirus software provider ESET has discovered a banking trojan that can steal cryptocurrencies and is especially widespread in Latin America.

As Cointelegraph reported, estimates put the total amount raised by cybercriminals this year at $4.3 billion.