Mining cryptocurrencies is a profitable business, but it is also expensive because it needs significant investment in computing power. Crooks are using malicious code that steals computing resources of victims’ machine and the number of attacks aimed to mine cryptocurrencies continues to increase.

Security researchers at security firm ESET have discovered a malware campaign that infected hundreds of Windows web servers with a malicious cryptocurrency miner. According to the experts, the criminal gang behind the attack made more than $63,000 worth of Monero (XMR) in just three months.

Crooks modified a legitimate open source Monero mining code and exploited a known buffer overflow vulnerability (CVE-2017-7269) in Microsoft IIS 6.0 to deploy the miner on unpatched Windows servers.