MyKings botnet uses cryptominers and clipboard hijackers to steal millions

The MyKings botnet has been around for at least five years, and is as active now as ever. New research has shown just how busy the botnet has been lately, and has uncovered its use of infected computers to mine or steal cryptocurrency through one of two techniques.

One such tactic is to install a cryptominer on the system to use victims' computers to mine cryptocurrency maliciously. Another is to use their clipboard-stealer trojan, which detects when crypto wallet addresses are copied and discretely replaces the clipboard contents with the address for a crypto wallet that belongs to the attackers.

MyKings has raked in at least $24.7 million so far. Reports stretching as far back as 2017 showed them earning $2.3 million in Monero each month through a network of over 500,000 infected computers.

Acronis Cyber Protect stops cryptojacking with its included Active Protection, while trojans like MyKings' clipboard stealer are detected and blocked by its advanced behavioral detection engine with the help of machine intelligence.