Hackers also used the Adf.ly URL shortening service that remunerates users when someone clicks on the link. When users clicked on these Adf.ly URLs, they were redirected and found themselves downloading the crypto-currency mining malware instead.
The miner used in this Monero cryptocurrency mining operation execute XMRig mining software via VBS files, and leverages XMRig proxy services to hide the ultimate mining pool destination.
Researchers also noticed that threat actors use the Nicehash marketplace to trade hashing processing power.
According to the experts from PaloAlto the date October 20, 2017, was a milestone in this operation. Before October 20, 2017, the attackers were using the Windows built-in BITSAdmin tool to download the XMRig mining tool from a remote location. Apart from a few exceptions, the final payload was primarily installed with the filename ‘msvc.exe’.
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Samsung MagicINFO 9 Server vulnerability to its…
Signal implements new screen security on Windows 11, blocking screenshots by default to protect user…
Microsoft found 394,000 Windows systems talking to Lumma stealer controllers, a victim pool that included…
CISA warns Russia-linked group APT28 is targeting Western logistics and tech firms aiding Ukraine, posing…
Cellcom, a regional wireless carrier based in Wisconsin (US), announced that a cyberattack is the…
Cryptocurrency exchange Coinbase announced that the recent data breach exposed data belonging to 69,461 individuals.…
This website uses cookies.