VictoryGate


By GoldSparrow in Botnets

The VictoryGate botnet is a project that was first uncovered in May 2019. Ever since cybersecurity analysts spotted this botnet, they have been keeping an eye on its activity. Since the VictoryGate botnet reached its peak activity, it has already hijacked over 35,000 systems. Most of the compromised computers were located in Peru, accounting for about 90% of the hijacked systems. The majority of the infected computers outside of Peru were still located in various South American countries.

In the past, most botnets were used to launch DDoS (Distributed Denial-of-Service) attacks against various targets. Nowadays, however, more and more botnets plant trojanized cryptocurrency miners on the compromised systems instead of using them for DDoS attacks. This is the case with the VictoryGate botnet. Its creators make sure to deploy a cryptocurrency miner on every infected computer. The end goal is mining the Monero cryptocurrency, and all the mined coins are transferred to the wallet of the cyber crooks operating the VictoryGate botnet. Having a trojanized cryptocurrency miner on your system can be very detrimental to your hardware. Such utilities use your system’s computing power without any regard for its health or longevity. A cryptocurrency miner on your computer would cause it to overheat, and you are very likely to experience significant performance and stability issues.

The main C&C (Command & Control) server of the VictoryGate botnet has been taken offline. Cybersecurity analysts have managed to redirect the compromised systems into a sinkhole. This prevents the trojanized cryptocurrency miner from operating and aids the researchers in spotting the compromised computers. According to reports, more than 3,000 infected systems are attempting to connect to the C&C server of the VictoryGate botnet on a daily basis.
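The sinkhole described above also gives network defenders a way to find affected machines on their own network: any internal host whose DNS lookups are answered with a sinkhole address is still trying to reach the C&C server. The following is an added example, not code from the original article or from the researchers; the sinkhole range, domain name, log format and log lines are constructed placeholders, since the page publishes no indicators.

```python
"""Flag internal hosts whose DNS lookups are answered from a sinkhole."""
from collections import defaultdict
from datetime import datetime
import ipaddress

# Assumption: placeholder range (RFC 5737 documentation space). Replace it
# with the addresses published by the sinkhole operator.
SINKHOLE_NETS = [ipaddress.ip_network("192.0.2.0/28")]

# Constructed resolver log: timestamp, client IP, queried name, answer.
SAMPLE_LOG = """\
2020-05-01T08:01:12Z 10.0.4.17 c2.example.invalid 192.0.2.5
2020-05-01T08:01:15Z 10.0.4.22 www.example.org 198.51.100.10
2020-05-01T09:31:40Z 10.0.4.17 c2.example.invalid 192.0.2.5
2020-05-02T07:45:03Z 10.0.7.3 c2.example.invalid 192.0.2.5
2020-05-02T07:50:00Z 10.0.4.17 c2.example.invalid 192.0.2.5
malformed line
2020-05-02T10:00:00Z 10.0.9.9 cdn.example.net not-an-ip
"""

def is_sinkholed(answer):
    """True if the DNS answer is an IP address inside a sinkhole range."""
    try:
        addr = ipaddress.ip_address(answer)
    except ValueError:
        return False  # CNAME text, NXDOMAIN markers, garbage
    return any(addr in net for net in SINKHOLE_NETS)

def sinkholed_clients_by_day(log_text):
    """Return {date: {client_ip: hit_count}} for sinkholed lookups."""
    days = defaultdict(lambda: defaultdict(int))
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 4:
            continue  # skip malformed records instead of failing the run
        ts, client, _qname, answer = fields
        try:
            day = datetime.strptime(ts, "%Y-%m-%dT%H:%M:%SZ").date().isoformat()
        except ValueError:
            continue
        if is_sinkholed(answer):
            days[day][client] += 1
    return {day: dict(clients) for day, clients in days.items()}

if __name__ == "__main__":
    for day, clients in sorted(sinkholed_clients_by_day(SAMPLE_LOG).items()):
        print(day, len(clients), "host(s) contacting the sinkhole:", clients)
```

Counting distinct clients per day mirrors how the daily figure of infected systems is obtained on the sinkhole side; a host that appears on several days has not been cleaned yet.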

It is likely that the VictoryGate botnet is using a rather old trick to propagate itself. The operators of the VictoryGate botnet are using a threat that is able to plant itself on portable storage devices like USB flash drives. For example, if you connect your USB drive to a compromised computer, the threat affiliated with the VictoryGate botnet would copy itself onto your device and infect any other system the drive is used on. This may seem like a really old propagation method, but it has proven to be highly effective in the case of the VictoryGate botnet.

You should take the necessary steps so that your computer does not fall victim to a botnet like the VictoryGate botnet by investing in a legitimate anti-virus solution. If you suspect your system may have already been hijacked by a botnet, scan your computer with a reputable anti-malware application that will detect and remove any issues that may be present.

