miner

Pierluigi Paganini November 03, 2019
First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

Experts have spotted the first mass-hacking campaign exploiting the BlueKeep exploit, crooks leverage the exploit to install a cryptocurrency miner. Security researchers have spotted the first mass-hacking campaign exploiting the BlueKeep exploit, the attack aims at installing a cryptocurrency miner on the infected systems. In May, Microsoft warned users to update their systems to address […]

Pierluigi Paganini September 02, 2019
XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Akamai researcher Larry Cashdollar reported that a cryptocurrency miner that previously hit only Arm-powered IoT devices it now targeting Intel systems. The popular researcher Larry Cashdollar, from Akamai SIRT, announced in exclusive to The Register, that he observed a miner that previously hit only Arm-powered IoT devices targeting Intel systems. The researchers revealed that one […]

Pierluigi Paganini July 25, 2019
New variant of Linux Botnet WatchBog adds BlueKeep scanner

Experts at Intezer researchers have spotted a strain of the Linux mining that also scans the Internet for Windows RDP servers vulnerable to the Bluekeep. Researchers at Intezer have discovered a new variant of WatchBog, a Linux-based cryptocurrency mining botnet, that also includes a module to scan the Internet for Windows RDP servers vulnerable to the Bluekeep vulnerability (CVE-2019-0708). […]

Pierluigi Paganini July 05, 2019
Cryptomining Campaign involves Golang malware to target Linux servers

Experts at F5 Networks discovered a cryptomining campaign that is delivering a new piece of the Golang malware that targets Linux-based servers. F5 experts uncovered a cryptominer campaign that is delivering a new strain of Golang malware that targets Linux-based servers. The campaign began around June 10 and already infected several thousand machines. The malicious […]

Pierluigi Paganini September 11, 2018
Other 3,700 MikroTik Routers compromised in cryptoJacking campaigns

Thousands of unpatched MikroTik Routers are involved in new cryptocurrency mining campaigns. The exploit code for the CVE-2018-14847 vulnerabilities is becoming a commodity in the hacking underground, just after its disclosure crooks started using it to compromise MikroTik routers. Thousands of unpatched devices are mining for cryptocurrency at the moment. Earlier August, experts uncovered a massive […]

Pierluigi Paganini July 29, 2018
Underminer Exploit Kit spreading Bootkits and cryptocurrency miners

New Underminer exploit kit delivers a bootkit that infects the system’s boot sectors as well as a cryptocurrency miner dubbed Hidden Mellifera. Malware researchers from Trend Micro have spotted a new exploit kit, tracked as Underminer exploit kit, delivering a bootkit that infects the system’s boot sectors as well as a cryptocurrency miner dubbed Hidden Mellifera. “We […]

Pierluigi Paganini July 28, 2018
Microsoft revealed details of a supply chain attack at unnamed Maker of PDF Editor

Microsoft revealed that hackers attempted to compromise the supply chain of an unnamed maker of PDF software. The attackers compromised a font package installed by a PDF editor app and used it to spread a crypto-mining malware on victims’ machines. The attack was discovered by the experts from Microsoft that received alerts via the Windows […]

Pierluigi Paganini July 07, 2018
New Rakhni variant could infect systems with either a ransomware or a miner

Security researchers at  Kaspersky Labs have discovered a new strain of the Rakhni malware that could infect systems with either a ransomware or a cryptocurrency miner. Experts from Kaspersky Labs have discovered a new strain of the Rakhni ransomware family that could infect systems with either a ransomware or a cryptocurrency miner depending upon their configurations. “Way back in 2013 our malware analysts […]

Pierluigi Paganini July 05, 2018
Crooks leverage obfuscated Coinhive shortlink in a large crypto-mining operation

Crooks leverage an alternative scheme to mine cryptocurrencies, they don’t inject the CoinHive JavaScript miner directly into compromised websites. Security researchers at MalwareLabs have uncovered a new crypto mining campaign that leverages an alternative scheme to mine cryptocurrencies, differently from other campaigns, crooks don’t inject the CoinHive JavaScript miner directly in compromised websites. CoinHive also […]

Pierluigi Paganini June 22, 2018
Crooks exploit CVE-2018-7602 Drupal flaw, aka Drupalgeddon3 to deliver Monero miner

Crooks are attempting to exploit a recently patched Drupal vulnerability, tracked as CVE-2018-7602, to drop Monero mining malware onto vulnerable systems. The CVE-2018-7602 flaw is a highly critical remote code execution issue, also known as Drupalgeddon3, that was addressed by the Drupal team in April with the release of versions 7.59, 8.4.8 and 8.5.3. The security patch for the […]