News Flash: someone is using supercomputers to mine monero randomX !!!#!!11

from there ^: "I feel left out since I don’t have a botnet for all this RandomX business. Who really benefits here?"

real example of randomx malware: twitter.com/JosephCoscia/status/1207587736267501570

"C:\ProgramData\WindowsTask\AMD.exe -o stratum+tcp://185.204.3.125:3333 -u AMD --donate-level=1 -k" from taskhostw.com/randomx/configAMDX.html

Ha, botnets donates to miner developer

I've checked all miner configs from that taskhostw.com, here is the summary: cn/gpu(ryo), cn/r(sumokoin) and rx/0 (monero)

<sech1> Botnet mining GPU coin, haha 😄

<sech1> Who told us all the time that GPU algo is botnet free?

I've checked all stratum urls with real miner and according to seed_hash it was 100% monero, and according to height sumokoin and ryo accordingly.

It's interesting to check what randomx miner is being used, xmrig or not.

if it has CN/R then antivirus can already detect it without randomx sniffer

<sech1> Judging by command line, it's stock XMRig binary (but renamed)

It looks familiar for me too, but I need better proof.

they probably use stock XMRig because they can download directly from github

without a risk of getting blocked

that tweet has link to visualization of winapi calls of that binary, it has builtin miner withoun external downloading, you can check by yourself

then I have no other explanation why they would use stock XMRig apart from laziness

I don't beleive that botnet operators are lazy people, It should very competitive market.

"survival of the fittest..."

there is also low effort malware

s/It should/It must/

you can find links weekly on bitcointalk

Do you mean phishing with fake miners like sech1 posted some time ago?

yes

There is no data about cost and value per customer for this way of initial intjection.

I beleive total audience is too small.