> we can see that the malware authors mined 53.72 XMR (~4,200 USD at the time of publishing this article) during the near month that the above address was active.<p>Anyone a little surprised by how small the profits are?<p>With control over 850,000 infected machines with an average of 2.94 cores each, I expected him to do something that will make him much more than a regular software engineering day job.
> The authors probably weren’t sure where they stood in the tabs versus spaces argument so both tabs and spaces were used in the controller. Sometimes, the indentation of source code was so bad that it would enrage even the most forgiving software engineers.<p>absolutely barbaric
> The Gendarmerie also obtained a snapshot of the C&C server’s disk from its hosting provider and shared parts of it with us so we could start to reverse engineer the contents of the C&C server.<p>That's surprising. Would full disk encryption even help to counter this ?
Source with technical details: <a href="https://decoded.avast.io/janvojtesek/putting-an-end-to-retadup-a-malicious-worm-that-infected-hundreds-of-thousands/" rel="nofollow">https://decoded.avast.io/janvojtesek/putting-an-end-to-retad...</a><p>Saved you a click