French authorities say they closed a cryptocurrency mining botnet that had infected more than 850,000 computers in 100 countries.
France’s cybergendarmes, or the C3N digital crime-fighting center, have been alerted to the possibility of a Paris-based server distributing a virus called Retadup, according to the BBC. The virus is believed to have infected hundreds of thousands of Windows-based computers around the world. Central and South America were reportedly the main target.
Once a system was infected, the hackers were able to take control and install cryptocurrency mining programs. The report says the hackers used the virus to “create the cryptocurrency Monero”. Malicious users installed XMRig or a similar program to secretly remove coins on their own without the system owner knowing.
Information also refers to the use of ransomware to steal money from victims. In most cases, hackers will use ransomware to request other coins such as Bitcoin. Authorities have not revealed how much money they have been able to harvest by spreading the virus, but the French authorities believe the people involved have managed to earn millions of euros.
C3N chief Jean-Dominique Nollet told France Inter Radio that authorities were able to shut down the botnet and stop its malicious activity.
“Basically, we were able to locate where the command server was , the control tower of the infected computer network, the botnet. It was copied, replicated with our own server and allowed the virus to act as it would on a victim’s system” he said.
The C3N will continue to run the mirrored server so that all newly infected infected computers can still be fixed.
Although the authorities have been able to disassemble the botnet, they have not yet identified them.
Despite the decline in the value of many cryptocurrencies, hackers continue to be interested in cryptocurrency mining in the recent period.