Research: 50,000 servers worldwide are infected with the cryptodike Nansh0u

virus

A study organized by a team of cybersecurity experts from Guardicore showed that about 50,000 servers worldwide are infected with a virus that targets the hidden mining of the TurtleCoin cryptocurrency (TRTL).

For the first time, a cryptodoping virus, which Guardicore representatives called Nansh0u, was discovered in April. It is assumed that in the past four months, attackers managed to infect about 50,000 servers with the virus. It is estimated that every day Nansh0u found about 700 new victims. Crypto-jacking is called malicious mining on users' computers that did not give consent and who, as often happens, are not even aware of the presence of a virus, while attackers gain by using the computing power of their PC.

Guardicore experts explain that there are more than 50,000 infected servers all over the world, companies whose activities are related to healthcare, IT, social media, and telecommunications have been the victims. It can be said that the victims were companies from 90 countries, China, the USA and India suffered the most.

In Guardicore, it is noted that the cryptodikeking virus was created by professionals. Nansh0u uses fake certificates, the virus itself is written in the EPL programming language. The privacy-oriented cryptocurrency TurtleCoin appeared in December 2017, RockSteady and Bebop were involved in its creation. One of the main goals of the Turtle Coin project is to show that a cryptocurrency can be accessible to ordinary people. In addition, the project stated that it was not going to “fill its own price”, so it did without ICO, pre-money and other methods that attract the attention of investors.