Mining Trojan Monitoring of CERNET

Date:

Abstract

Mining Trojan Monitoring of CERNET, by analyzing NetFlow data from CERNET network node, we managed to monitor the network traffic of mining trojans in CERNET, and build a visual monitoring system that can track the distribution of mining behaviors in CERNET. This system provides the geographical distribution of global mining pool addresses, the daily monitoring of mining traffic and the statistics of the mining behaviors of schools and institutions in CERNET. We will pay close attention and continue to update this page for a long time, and actively contribute to the maintenance of the network security of the education network.

The page of this system daily updates.

Address lists of mining pools

This is a more comprehensive list of mining pool addresses that we maintain with the help of large-scale passive domain name resolution traffic. The list includes not only basic mining pool data obtained by multiple security vendors through reverse Trojan software, but updates and extensions of mining pool addresses based on passive domain name resolution traffic.

This list updates daily.

Mining Trojan killing tool

LifeCalendarWorm is one of the most active mining Trojan families in 2021. We provide a LifeCalendarWorm killing tool.