The security experts found evidence that this way alone since December may have produced 158 units of the cryptocurrency with a market value of currently $ 60,000. The attackers obviously use the remote-controlled computers for other purposes. It is particularly important to PyCryptoMiner that the botnet uses a clipboard on the publishing host pastebin.com as a clipboard and does not communicate directly with a specific IP address of a control server. As a result, the network cannot be leveraged by blocking such a server address. One would have to lock the access to Pastebin.
The corresponding Pastebin reference was called since August 2017 daily about a thousand times. The owner of the registered domain has registered a total of 36,000 additional domains, as well as 235 different e-mail addresses. These would be used among other things for gambling portals and porn sites.