Researchers at Cisco Talos have identified a new botnet dubbed Prometei which has been active since March of this year. They have described the attacks to be a complex campaign utilising multi-modular malware. It has been spreading across compromised networks through SMB exploits, including the EternalBlue exploit for Windows Server Message Block communication protocol. The goal of the attack is to mine for Monero (XMR) cryptocurrency and lock as many systems possible for increased profit, BleepingComputer reports.
