Starcraft fans use NSA exploits to mine XMR

According to F5 Network analysts, hackers were able to mine over $8000
19 December 2017   1429

Analysts of F5 Networks reported the detection of a malicious campaign for hacking servers running Windows and Linux. It was called Zealot (this term comes from popular videogame Starcraft.).

For attacks, unknown criminals use exploits from the arsenal of the US National Security Agency, published by the hacker group The Shadow Brokers. At the final stage of the infection, PowerShell is used, with the help of which a Monero crypto currency miner is installed on the compromised device. 

Analysts of F5 Networks note that an unknown group can replace Monero's miner at any time for any other malware.

Zealot seems to be the first Struts campaign using the NSA exploits to propagate inside internal networks. There were other malware campaigns like NotPetya and WannaCry ransomware, and also Adylkuzz cryptominer launching attacks by directly4 scanning the Internet for SMBs to exploit with the NSA tools the ShadowBrokers released. The Zealot campaign, however, seems to be opening new attack vector doors, automatically delivering malware on internal networks via web application vulnerabilities. The level of sophistication we are currently observing in the Zealot campaign is leading us to believe that the campaign was developed and is being run by threat actors several levels above common bot herders.

F5 Networks Research

Researchers managed to track several crypto-currency wallets of the group, which are used to output the enigmatic Monero. Currently, they contain about $ 8,500. At the same time, the income of the grouping can be much higher, since the attackers use a lot of wallets and experts admit that for certain not everyone was able to find out.

Monero to Undergo Hard Fork

All Monero holders as of block 1529810 will become owners of MoneroV on March 14
21 February 2018   58

MoneroV is a private cryptocurrency fork of the Monero blockchain. A split will occur at block 1529810 when MoneroV miners will start to create blocks on the MoneroV network.

The new MoneroV blockchain will contain the history of all transaction up until block 1529810 and all Monero coin holders will receive 10x their XMR balance amount as MoneroV coins (XMV) after the fork.

MoneroV hard fork roadmapMoneroV Roadmap


  • Decentralized peer-to-peer blockchain transaction consensus
  • Using lower transaction fees and advanced modification to the core mechanism in the way MoneroV calculates transactions and balances
  • Sending and receiving addresses are obfuscated, as well as all amounts being transferred in all transactions, and the identity cannot be linked or traced to a transaction on the MoneroV blockchain


  • Coin Supply - Capped at 256 Million XMV. Smooth emission decline until minimum
  • Circulating Supply at Hard Fork - ~158 Million XMV (10x circulating XMR supply as airdrop)
  • Proof of Work - CryptoNight (to be changed)
  • Difficulty Retarget - Every block, adjusted difficulty initially after Airdrop
  • Block Time - Every 120 seconds
  • Block Reward - Minimum of 6 XMV per block at 184,467,440 XMV in total emission
  • Block Size - Dynamic, max 2xM100

Monero holders prior to the hard-fork split that will occur in block 1529810 will receive 10 times their holdings in MoneroV coins.

No official statements regarding the support of the fork by exchanges were made yet.