The long-running botnet MyKings is still in business and has raised at least $ 24.7 million using its network of compromised computers to mine cryptocurrencies. MyKings, also known as Smominru and Hexmen, is the world’s largest botnet that specializes in mining cryptocurrencies.
MyKings targets desktop and server CPUs. It caught attention back in 2017 when it infected more than half a million Windows computers to mine Monero worth about $ 2.3 million in a month.
Security company Avast has now confirmed that its operators have earned at least $ 24.7 million in various cryptocurrencies that have been transferred to Bitcoin, Ethereum and Dogecoin accounts.
Avast believes, however, that the group made most of it through their “Clipboard Stealer Module”. If it detects that someone has copied a cryptocurrency wallet address (to make a payment, for example), this module will substitute another cryptocurrency address controlled by the gang. Avast has reportedly blocked the MyKings Clipboard Stealer on 144,000 computers since the beginning of 2020. The Clipboard Stealer module has existed since 2018.