article thumbnail

Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

Security Affairs

An attacker can exploit the flaw to bypass protections for a previous vulnerability, CVE-2012-1823, using specific character sequences. The attackers injected a command that relies on a PowerShell script to download and execute a script to spin up XMRig from a remote mining pool.

Honeypots 347
article thumbnail

After ChatGPT, Anonymous Sudan took down the Cloudflare website

Security Affairs

Skynet was first discovered in 2012 and has since grown to become one of the largest botnets in the world. The Godzilla botnet has been active since at least 2021, it was used to launch large-scale distributed denial-of-service (DDoS) attacks, as well as steal login credentials and mine cryptocurrency.

Mining 356
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

With Google’s 2012 Zeitgeist, You Won’t Learn Much. Why?

John Battelle's Searchblog

The post With Google’s 2012 Zeitgeist, You Won’t Learn Much. Imagine if Google took its massive search query database and worked with some of the leaders in the open data movement to mine true insights? The post With Google’s 2012 Zeitgeist, You Won’t Learn Much. Guess what? This guy was big this year.

article thumbnail

Outlaw is Back, a New Crypto-Botnet Targets European Organizations

Security Affairs

Based on our findings, there are some similarities in both techniques and architectures with another cybercrime group, which appeared in the wild around 2012, most probably Romanian. This directory contains the crypto mining module named kswapd0. Technical Analysis. The first folder to analyze is “a”.

Mining 334
article thumbnail

Who’s Behind the Botnet-Based Service BHProxies?

Krebs on Security

BHProxies has authored 129 posts on Black Hat World since 2012, and their last post on the forum was in December 2022. BHProxies initially was fairly active on Black Hat World between May and November 2012, after which it suddenly ceased all activity. The website BHProxies[.]com

Passwords 287
article thumbnail

GUEST ESSAY: Tapping Bitcoin’s security — to put a stop to ‘51% attacks’ of cryptocurrency exchanges

The Last Watchdog

However, if an attacker possesses 51% or more of the computational power of the entire network, they can force nodes to accept their alternate chain, because it’s built with more mining power than the “legitimate” chain currently on the network. Attackers can use this method of rewriting history to reverse transactions.

article thumbnail

Canada Charges Its “Most Prolific Cybercriminal”

Krebs on Security

Upon release from prison, Skorjanc became chief technology officer for NiceHash , a cryptocurrency mining service. A 2012 sales thread on Darkode for Rev Locker. In December 2017, $52 million worth of Bitcoin mysteriously disappeared from NiceHash coffers. In October 2019, Skorjanc was arrested in Germany in response to a U.S. .”

IT 330