Coindesk Logo
TechTechTech
Election 2024
Election 2024
Election 2024

Monero-Mining Malware 'Crackonosh' Has Infected 222K Computers, Researchers Find

Monero-Mining Malware 'Crackonosh' Has Infected 222K Computers, Researchers Find

Monero-Mining Malware 'Crackonosh' Has Infected 222K Computers, Researchers Find

The virus has yielded over $2 million worth of XMR for its authors, security firm Avast said in a Thursday report.

The virus has yielded over $2 million worth of XMR for its authors, security firm Avast said in a Thursday report.

The virus has yielded over $2 million worth of XMR for its authors, security firm Avast said in a Thursday report.

By Cheyenne Ligon
AccessTimeIconJun 24, 2021, 7:24 PM
Updated Aug 21, 2021, 6:59 PM
Presented By Icon

Election 2024 coverage presented by

Stand with crypto

Malware called "Crackonosh" has been found in 222,000 compromised computers that were used to download illegal, torrented versions of popular video games, including "NBA 2K19" and "Grand Theft Auto V," according to a report from security company Avast published Thursday.

The virus, which has been circulating since at least June 2018, installs crypto-mining software that has yielded its authors over $2 million worth of monero.

Monero is a privacy coin that is often used by cybercriminals because it is much more difficult to trace than other cryptocurrencies like bitcoin. Monero-focused crypto-mining attacks are relatively common: The Pirate Bay, a website where users can download movies, music, software and games, announced in 2018 it would be “cryptojacking” visitors’ processing power to mine for monero, and in 2020, a botnet called “Vollgar” was found to be targeting Microsoft’s SQL servers to mine for monero, as well.

According to Avast’s analysis, Crackonosh successfully operated for years because it had built-in mechanisms to disable security software and updates, which made it difficult for users to detect and remove the program. 

The malware is thought to have originated in the Czech Republic, but it has a global reach. Cases in the United States make up only 5% of the total.

Avast’s blog post addresses the spread of the malware and teaches affected users how to uninstall the program.

The blog’s author, Daniel Benes, also shares some words of wisdom:

“The key take-away from this is that you really can’t get something for nothing and when you try to steal software, odds are someone is trying to steal from you.”

Disclosure

Please note that our privacy policy, terms of use, cookies, and do not sell my personal information have been updated.

CoinDesk is an award-winning media outlet that covers the cryptocurrency industry. Its journalists abide by a strict set of editorial policies. CoinDesk has adopted a set of principles aimed at ensuring the integrity, editorial independence and freedom from bias of its publications. CoinDesk is part of the Bullish group, which owns and invests in digital asset businesses and digital assets. CoinDesk employees, including journalists, may receive Bullish group equity-based compensation. Bullish was incubated by technology investor Block.one.

Learn more about Consensus 2024, CoinDesk's longest-running and most influential event that brings together all sides of crypto, blockchain and Web3. Head to consensus.coindesk.com to register and buy your pass now.

Read more about
MalwareMoneroCryptojacking