Security Affairs

NOVEMBER 9, 2021

Threat actors execute malicious scripts to deploy Monero cryptocurrency miners, perform container-to-host escape using well-known techniques, and scan the Internet for exposed ports from other compromised containers. In January 2021, the cybercrime gang launched a new campaign targeting Kubernetes environments with the Hildegard malware.

Cryptocurrency 115

Cryptocurrency Malware Cybercrime Architecture 115

Security Affairs

OCTOBER 6, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Rhadamanthys Stealer Adds Innovative AI Feature in Version 0.7.0

Malware 117

Malware Architecture Cryptocurrency Cyber Attacks 117

Security Boulevard

MAY 27, 2022

The Exfiltration Phase of The Kill Chain of a Cryptocurrency-Based Attack Provides the Greatest Opportunity to Identify Cybercriminals. Cryptocurrency gained through illicit means is less useable than other assets due to the way cryptocurrency systems currently do not fully protect owner identity and allow for only limited liquidity.

Cryptocurrency 59

Cryptocurrency Risk Marketing Architecture 59

SecureWorld News

NOVEMBER 8, 2022

Microsoft recently released its Digital Defense Report 2022 , examining the current threat landscape, touching on the first "hybrid war" that is the Ukraine-Russia conflict, reviewing the current state of cybercrime, and identifying the characteristics needed to successfully defend against future threats. The key takeaway?

Cyber threats 102

Cyber threats Architecture Passwords Authentication 102

Security Affairs

SEPTEMBER 23, 2018

Feedify cloud service architecture compromised by MageCart crime gang. New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms. Magecart cybercrime group stole customers credit cards from Newegg electronics retailer. 20% discount. Kindle Edition. Paper Copy. Once again thank you!

Computers and Electronics 83

Computers and Electronics Cryptocurrency Data breaches Advertising 83

SecureWorld News

MAY 30, 2024

The cybercrime gang RansomHub has claimed responsibility and is threatening to release "a massive trove of sensitive personal information" belonging wealthy clients of Christie's unless their ransom demand is met. The world-renowned auction house Christie's has become the latest major corporation to fall victim to a ransomware attack.

Identity Theft 112

Identity Theft Hacking Ransomware Data breaches 112

Security Affairs

SEPTEMBER 29, 2018

According to experts from Avast, the Torii bot has been active since at least December 2017, it could targets a broad range of architectures, including ARM, MIPS, x86, x64, PowerPC, and SuperH. The Torii IoT botnet stands out for the largest sets of architectures it is able to target. ” reads the analysis published by Avast.

IoT 110

IoT Architecture Advertising DDOS 110

Security Affairs

JUNE 19, 2024

A malware campaign targets publicly exposed Docker API endpoints to deliver cryptocurrency miners and other payloads. Researchers at Datadog uncovered a new cryptojacking campaign linked to the attackers behind Spinning YARN campaign. The threat actors target publicly exposed and unsecured Docker API endpoints for initial access.

Internet 134

Internet Internet Malware Architecture 134

Security Affairs

AUGUST 28, 2023

The malware was employed in cryptocurrency mining campaigns and to launch denial-of-service (DDoS) attacks. KmsdBot supports multiple architectures, including as Winx86, Arm64, and mips64, x86_64, and does not stay persistent to avoid detection.

IoT 98

IoT DDOS Architecture Internet 98

Security Affairs

DECEMBER 1, 2022

“The first use of the command is activated to receive information about the CPU architecture. AquaSec researchers believe that threat actors are using the Redigo malware to infect Redis and add them to a botnet used to launch denial-of-service (DDoS) attacks, run cryptocurrency miners, or steal data from the servers.

Malware 145

Malware DDOS Architecture Cryptocurrency 145

Security Affairs

JUNE 26, 2024

Researchers warn that the P2Pinfect worm is targeting Redis servers with ransomware and cryptocurrency mining payloads. Cado Security researchers warned that the P2Pinfect worm is employed in attacks against Redis servers, aimed at deploying both ransomware and cryptocurrency mining payloads.

Ransomware 125

Ransomware Malware Cryptocurrency Passwords 125

Security Affairs

NOVEMBER 14, 2022

The malware was employed in cryptocurrency mining campaigns and to launch denial-of-service (DDoS) attacks. KmsdBot supports multiple architectures, including as Winx86, Arm64, and mips64, x86_64, and does not stay persistent to avoid detection.

DDOS 98

DDOS Malware Cryptocurrency Architecture 98

Security Affairs

NOVEMBER 4, 2023

Kinsing actors often exploited the PHPUnit vulnerability ( CVE-2017-9841 ) and it engaged in fully automated attacks as part of mining cryptocurrency. Recently, Kinsing actors were observed exploiting vulnerable Openfire servers. The script is accessible for review here. Subsequently, Kinsing fetches and executes an additional PHP exploit.”

Architecture 127

Architecture Cryptocurrency Hacking Cybercrime 127

Security Affairs

APRIL 28, 2020

Based on our findings, there are some similarities in both techniques and architectures with another cybercrime group, which appeared in the wild around 2012, most probably Romanian. 14 ) performs a first check on CPU architecture and a second one on the number of processors. Technical Analysis. The “ run ” script (shown in Fig.

Architecture 133

Architecture Malware Hacking DDOS 133

Security Affairs

SEPTEMBER 27, 2022

Threat actors behind the new ‘Erbium’ information-stealing malware are distributing it as fake cracks and cheats for popular video games to steal victims’ credentials and cryptocurrency wallets. Ability to obtain cryptocurrency wallet information [log-in credentials and stored funds].

Malware 98

Malware Password Management Passwords Authentication 98

SC Magazine

FEBRUARY 3, 2021

The TeamTNT cybercrime gang has ramped up its attacks on the cloud over the past several months, this time launching a new malware campaign targeting Kubernetes clusters that culminated in a crytpojacking operation. The post TeamTNT launches cryptojacking operation on Kubnernetes clusters appeared first on SC Media.

Malware 90

Malware Architecture Cybercrime Media 90

Spinone

NOVEMBER 22, 2018

Medical and business organizations suffer several times as many breaches as other industries because of these three reasons: On average, companies from financial, government and educational sectors hold sufficiently more secure corporate security architecture than organizations from a medical or business sector.

Cybersecurity 73

Cybersecurity Cyber Risk Marketing Risk 73

Security Affairs

AUGUST 28, 2018

Threat actors are leveraging the flaw in the attempt to install the CNRig cryptocurrency miner. Volexity has observed at least one threat actor attempting to exploit CVE-2018-11776 en masse in order to install the CNRig cryptocurrency miner.” ” states the report published by Volexity. and 167.114.171.27,” .

Architecture 73

Architecture Cryptocurrency Advertising Wireless 73

Security Affairs

MAY 15, 2022

“Sysrv-hello is a multi-architecture Cryptojacking ( T1496 ) botnet that first emerged in late 2020, and employs Golang malware compiled into both Linux and Windows payloads. . — Microsoft Security Intelligence (@MsftSecIntel) May 13, 2022. The malware is equal parts XMRig cryptominer and aggressive botnet-propagator.

Security Intelligence 98

Security Intelligence Malware Backups Architecture 98

Security Boulevard

SEPTEMBER 13, 2022

The March 2022 theft by the Lazarus Group, a cybercrime group run by the North Korean state , began when it gained access to five of the nine private keys held by transaction validators for Ronin Network’s cross-chain bridge , according to a report from Chainalysis. With Rapid Rise in Funds Stolen from DeFi Protocols, Private Keys in Play.

Risk 52

Risk Architecture Cryptocurrency Cybercrime 52

Security Affairs

AUGUST 5, 2021

MSR registers in processor architecture are used to toggle certain CPU features and computer performance monitoring. With the rise and sky-high valuation of Bitcoin and several other cryptocurrencies, cryptomining-based attacks have continued to dominate the threat landscape. Miners Using MSR to Disable Hardware Prefetcher. Conclusion.

Malware 110

Malware Architecture Firewall Cryptocurrency 110

SecureList

NOVEMBER 14, 2023

Over the past few years, we have witnessed numerous APT actors and cybercrime groups successfully execute their code in the kernel-mode of targeted systems, despite the presence of these new protection mechanisms. These classical attack methods were prevalent during an earlier era characterized by a multitude of rootkit variants.

Hacking 141

Hacking Energy and Utilities Media Malware 141

SecureList

APRIL 27, 2022

While we were unable to obtain the same results by analyzing the CERT-UA samples, we subsequently identified a different WhiteBlackCrypt sample matching the WhisperKill architecture and sharing similar code. On February 23, ESET published a tweet announcing new wiper malware targeting Ukraine.

Malware 145

Malware Firmware Government Phishing 145

eSecurity Planet

FEBRUARY 16, 2021

For access to the decryption key, the victim must make prompt payment, often in cryptocurrency shielding the attacker’s identity. The next three actions: prioritize assets and evaluate traffic, microsegmentation, and adaptive monitoring are central steps of the zero trust architecture and greatly reduce your risks of an attack.

Ransomware 97

Ransomware Backups Software Encryption 97

The Last Watchdog

FEBRUARY 15, 2019

This makes Vidar capable of stealing cryptocurrencies from digital wallets. The good news is that an unparalleled acceleration of research has commenced in next-gen network architectures, including distributed databases, advanced encryption, datafication and artificial intelligence.

Cybercrime 124

Cybercrime IoT Internet Internet 124