Cryptocurrency Malware Group ‘Panda’ Has Amassed Nearly $100,000 in Monero

Cybersecurity experts have identified a cryptocurrency malware spreading group dubbed ‘Panda’ that has since 2018 amassed over $100,000 worth of Monero (XMR) via its activities.

According to the Cisco Talos Intelligence Group, Panda has managed to employ remote access tools (RATs) and cryptocurrency mining malware to exploit vulnerable web applications and the networks of companies to use their resources to mine the privacy-centric cryptocurrency.

RATs are risky for organizations, the cybersecurity experts warned, as the hacking group may also steal information. The team at Talos added:

This is far from the most sophisticated actor we’ve ever seen, but it still has been one of the most active attackers we’ve seen in Cisco Talos threat trap data.

According to the Talos Intelligence Group, Panda has managed to launch “successful” malware campaigns since it was first found in 2018, and has been upgrading its infrastructure and exploits ever since in what appears to be a cat and mouse game between the group and security researchers.

Talos added that it believes Panda is a “legitimate threat capable of spreading cryptocurrency miners that can use up valuable computing resources and slow down networks and systems.” The group reportedly already hit organizations in the healthcare, banking, and transportation industries, among others.

Panda is estimated to have already mined around 1,215 Monero (XMR), at press time worth over $90,000.

Featured image via