2015 and Mining - Information Management Today

Blue Mockingbird Monero-Mining campaign targets web apps

Security Affairs

MAY 10, 2020

Crooks exploit CVE-2019-18935 deserialization vulnerability to achieve remote code execution in Blue Mockingbird Monero-Mining campaign. “Blue Mockingbird is the name we’ve given to a cluster of similar activity we’ve observed involving Monero cryptocurrency-mining payloads in dynamic-link library (DLL) form on Windows systems.”

Mining

Mining Libraries Access Encryption

Ngrok Mining Botnet

Security Affairs

SEPTEMBER 22, 2018

Additionally, the campaign is sophisticated in seeking to detect, analyse and neutralise other competing crypto-mining malware. I’ve been following the Monero mining pool address used in the Ngrok campaign and regularly checking for other research references on the internet. Introduction.

Mining

Mining Honeypots Security IT

Prometei, a new modular crypto-mining botnet exploits Windows SMB

Security Affairs

JULY 22, 2020

Prometei is a crypto-mining botnet that recently appeared in the threat landscape, it exploits the Microsoft Windows SMB protocol for lateral movements. Security experts from Cisco Talos discovered a new crypto-mining botnet, tracked as Prometei, that exploits the Microsoft Windows SMB protocol for lateral movements.

Mining

Mining File names Passwords Communications

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency

Security Affairs

AUGUST 23, 2019

The Ukrainian Secret Service is investigating the case of employees at a nuclear power plant that connected its system online to mine cryp tocurrency. On July 10, agents of the SBU raided the nuclear power plant and discovered the equipment used by the employees to mining cryptocurrency. ” reported ZDnet. Pierluigi Paganini.

Mining

Mining Military Security Access

CoinHive Cryptocurrency Mining Service will shut down on March 8, 2019

Security Affairs

FEBRUARY 28, 2019

The popular in-browser cryptocurrency mining service Coinhive has announced that it will shut down on March 8, 2019. Security firms spotted several hacking campaigns aimed at compromising websites to install JavaScript-based Monero (XMR) cryptocurrency mining scripts and monetize their efforts. Pierluigi Paganini.

Mining

Mining Marketing Access Security

Israel surveillance firm NSO group can mine data from major social media

Security Affairs

JULY 19, 2019

The Israeli surveillance firm NSO Group informed its clients that it is able to scoop user data by mining from major social media. The Financial Times reported that the Israeli surveillance firm NSO Group informed its clients that it is able to mine user data from major social media. Pierluigi Paganini.

Mining

Mining Cloud Archiving Sales

Pacha Group declares war to rival crypto mining hacking groups

Security Affairs

MAY 12, 2019

Two hacking groups associated with large-scale crypto mining campaigns, Pacha Group and Rocke Group , wage war to compromise as much as possible cloud-based infrastructure. org is in this blacklist and it is known that Rocke Group has used this domain for their crypto-mining operations. ” continues the report. Pierluigi Paganini.

Mining

Mining Cloud Security IT

Google bans cryptocurrency mining apps from the official Play Store

Security Affairs

JULY 28, 2018

Google has updated the Play Store Developer Policy page to ban mobile mining apps that mine cryptocurrencies using the computational resources of the devices. “We don’t allow apps that mine cryptocurrency on devices,” reads the entry included in the policy. Securi ty Affairs – mining apps, Google).

Mining

Mining IT Security

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

Security Affairs

FEBRUARY 18, 2021

PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. 27, 2019 and already mined at least 209 Monero (XMR), valued to be around $32,056 USD. Elasticsearch CVE-2015-1427 (Elasticsearch sandbox evasion – version before 1.3.8 Drupal Versions 7 and 8.

Mining

Mining Cloud Access Security

New MrbMiner malware infected thousands of MSSQL DBs

Security Affairs

SEPTEMBER 16, 2020

A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. Mining process.”

Mining

Mining Passwords Access Security

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] The CEO’s leaked emails show Eric Malek resigned from his developer position at Ashley Madison on June 19, 2015 — just four days before Bloom would announce his departure.

Passwords

Passwords Data breaches Marketing IT

Group-IB: The Shadow Market Is Flooded with Cheap Mining Software

Security Affairs

AUGUST 11, 2018

Group-IB is recording new outbreaks of illegal mining (cryptojacking) threats in the networks of commercial and state organizations. Group-IB, an international company specializing in the prevention of cyberattacks, is recording new outbreaks of illegal mining (cryptojacking) threats in the networks of commercial and state organizations.

Mining

Mining Marketing IoT Compliance

EVRAZ operations in North America disrupted by Ryuk ransomware

Security Affairs

MARCH 7, 2020

Computer systems at EVRAZ, a multinational vertically integrated steel making and mining company, have been hit by Ryuk ransomware. EVRAZ is one of the world’s largest multinational vertically integrated steel making and mining companies with headquarters in London. Pierluigi Paganini. SecurityAffairs – hacking, EVRAZ).

Ransomware

Ransomware Computer and Electronics Mining Manufacturing

Will cryptocurrency mining soon saturate AWS, Microsoft Azure and Google Cloud?

The Last Watchdog

JUNE 20, 2018

On the face, the damage caused by cryptojacking may appear to be mostly limited to consumers and website publishers who are getting their computing resources diverted to mining fresh units of Monero, Ethereum and Bytecoin on behalf of leeching attackers. You can mine them, if you have a powerful CPU. Bilogorskiy.

Mining

Mining Cloud Ransomware Passwords

New KryptoCibule Windows Trojan spreads via malicious torrents

Security Affairs

SEPTEMBER 2, 2020

The malware uses the victim’s resource to mine cryptocurrency, steals cryptocurrency wallet-related files, and replaces wallet addresses in the clipboard to hijack cryptocurrency payments. Both of these programs are set up to connect to an operator-controlled mining server over the Tor proxy.” ” reads the report.

Mining

Mining Communications IT Security

Android Debugging Tools Also Useful for Compromising Devices, Mining Cryptocurrency

Security Affairs

JULY 24, 2018

.” The binary establishes a connection to the C&C server, then scans processes running on the compromised device and attempts to kill any that are running the CoinHive script that could be mining Monero. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Mining

Mining IoT Blockchain Risk

TeamTNT is the first cryptomining bot that steals AWS credentials

Security Affairs

AUGUST 18, 2020

The TeamTNT botnet is a crypto-mining malware operation that has been active since April and that targets Docker installs. “Over the weekend we’ve seen a crypto-mining worm spread that steals AWS credentials. Review network traffic for any connections to mining pools, or using the Stratum mining protocol.

Mining

Mining Security Access IT

A Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanism

Security Affairs

FEBRUARY 24, 2021

Security experts from Akamai have spotted a new botnet used for illicit cryptocurrency mining activities that are abusing Bitcoin (BTC) transactions to implement a backup mechanism for C2. The operators of a long-running crypto-mining botnet campaign began creatively disguising their backup C2 IP address on the Bitcoin blockchain.”

Blockchain

Blockchain Mining Honeypots Security

Previously undetected VictoryGate Botnet already infected 35,000 devices

Security Affairs

APRIL 27, 2020

The VictoryGate bot propagates via infected USB devices, it was designed to mine Monero abusing resourced of compromised devices, it is also able to deliver additional payloads. The malware uses a stratum/XMRig proxy to hide the mining pool and terminates the mining process when the user opens Task Manager, to avoid to show the CPU usage.

Mining

Mining Communications IT Security

Doki, an undetectable Linux backdoor targets Docker Servers

Security Affairs

JULY 29, 2020

The ongoing Ngrok mining botnet campaign is targeting servers are hosted on popular cloud platforms, including Alibaba Cloud, Azure, and AWS. “ Ngrok Mining Botnet is an active campaign targeting exposed Docker servers in AWS, Azure, and other cloud platforms. .” ” continues the report. Pierluigi Paganini.

Blockchain

Blockchain Mining Cloud Communications

Other 3,700 MikroTik Routers compromised in cryptoJacking campaigns

Security Affairs

SEPTEMBER 10, 2018

Thousands of unpatched MikroTik Routers are involved in new cryptocurrency mining campaigns. Thousands of unpatched devices are mining for cryptocurrency at the moment. Now the researcher Troy Mursch noticed that the infected MikroTik routers from the latest campaign open a websockets tunnel to a web browser mining script.

Mining

Mining IoT Libraries Security

Cryptojacking Coinhive Miners for the first time found on the Microsoft Store

Security Affairs

FEBRUARY 15, 2019

“As soon as the apps are downloaded and launched, they fetch a coin-mining JavaScript library by triggering Google Tag Manager (GTM) in their domain servers. The mining script then gets activated and begins using the majority of the computer’s CPU cycles to mine Monero for the operators.” Pierluigi Paganini.

Mining

Mining Libraries Analytics Security

Vollgar botnet has managed to infect around 3k MSSQL DB servers daily

Security Affairs

APRIL 1, 2020

Cybersecurity researchers spotted a crypto-mining botnet, tracked as Vollgar, that has been hijacking MSSQL servers since at least 2018. Researchers at Guardicore Labs discovered a crypto-mining botnet , tracked as Vollgar botnet , that is targeting MSSQL databases since 2018. ” conclude the experts. Pierluigi Paganini.

Mining

Mining Passwords Education Cybersecurity

Cryptojacking campaign uses Shodan to scan for Docker hosts to hack

Security Affairs

JUNE 1, 2019

“The script then calls a Monero coin-mining binary, darwin (detected as PUA.Linux.XMRMiner.AA), to run in the background. As with all cryptocurrency miners, it uses the resources of the host system to mine cryptocurrency (Monero in this instance) without the owner’s knowledge.” ” continues the report.

Mining

Mining Honeypots Cloud Passwords

A Russian cyber vigilante is patching outdated MikroTik routers exposed online

Security Affairs

OCTOBER 14, 2018

Earlier August, experts uncovered a massive crypto jacking campaign that was targeting MikroTik routers to inject a Coinhive cryptocurrency mining script in the web traffic. In September thousands of unpatched MikroTik Routers were involved in new cryptocurrency mining campaigns. Pierluigi Paganini.

Mining

Mining Systems administration Security Access

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Security Affairs

APRIL 6, 2020

Experts uncovered a hacking campaign that is breaching Docker clusters to deploy a new crypto-mining malware tracked as Kinsing. ” The Kinsing malware abuses the resources of the Docker installations to mine cryptocurrency, hackers exploit unprotected open Docker API port to instantiate an Ubuntu container. “The spre.

Mining

Mining Libraries Cloud Communications

Crooks spread malware via pirated movies during COVID-19 outbreak

Security Affairs

APRIL 30, 2020

The campaign primarily targets users in Spain and South American countries, aims to launch a coin-mining shellcode directly in memory. The in-memory DLL then injects a coin-mining code into notepad.exe through process hollowing. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Mining

Mining File names Risk Cybersecurity

WatchBog cryptomining botnet now uses Pastebin for C2

Security Affairs

SEPTEMBER 13, 2019

A new cryptocurrency-mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control (C&C) operations. Cisco Talos researchers discovered a new cryptocurrency -mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control. ” continues Talos. Pierluigi Paganini.

Mining

Mining IT Security Information Security

KashmirBlack, a new botnet in the threat landscape that rapidly grows

Security Affairs

OCTOBER 26, 2020

The primary purpose of the KashmirBlack botnet is to abuse resources of compromised systems for cryptocurrency mining and redirecting a site’s legitimate traffic to spam pages. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

CMS

CMS Mining Communications Security

New strain of Clipsa malware launches brute-force attacks on WordPress sites

Security Affairs

AUGUST 8, 2019

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is a malware that is well known to cyber security community is able to steal cryptocurrency via clipoard hijacking and mine cryptocurrency after installing a miner. .

Mining

Mining Passwords IT Security

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Security Affairs

NOVEMBER 9, 2018

National Mining Office for Hydrocarbons & Geo-resources. Brian Dunn is a writer & researcher formally working as a content specialist for AnonHQ throughout 2015-2016. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. National Research Center’s Public Relations Office.

Passwords

Passwords Archiving Mining Education

The City of Durham shut down its network after Ryuk Ransomware attack

Security Affairs

MARCH 8, 2020

A few days ago EVRAZ , one of the world’s largest multinational vertically integrated steel making and mining companies, has been hit by the Ryuk ransomware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware IT Computer and Electronics Mining

Sopra Steria hit by the Ryuk ransomware gang

Security Affairs

OCTOBER 23, 2020

A few days before, EVRAZ , one of the world’s largest multinational vertically integrated steel making and mining companies, has been hit by the Ryuk ransomware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Computer and Electronics Mining Manufacturing

Crooks continue to abuse exposed Docker APIs for Cryptojacking

Security Affairs

OCTOBER 28, 2018

Earlier this year Sysdig and Aqua Security researchers started observing cyber attacks targeting Kubernets and Docker instances aimed at mining Monero cryptocurrency. Miscreants can abuse Docker Engine API to deploy containers they have created with the specific intent of mining cryptocurrencies. Pierluigi Paganini.

Mining

Mining Systems administration Encryption Authentication

Romanian duo convicted of fraud Scheme infecting 400,000 computers

Security Affairs

APRIL 14, 2019

The two men also advertised fraud using email accounts created using the stolen credentials on behalf of the victims, mined cryptocurrency and stole money and cryptocurrency through credit card fraud. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The defendants would then steal account credentials.

Mining

Mining Marketing Security

Modular Cryptojacking malware uses worm abilities to spread

Security Affairs

MARCH 13, 2019

“Recently, 360 Total Security team intercepted a new worm PsMiner written in Go, which uses CVE-2018-1273, CVE-2017-10271, CVE-2015-1427, CVE-2014-3120 and other high-risk vulnerabilities ? The final stage payload is the open source Xmrig CPU miner that allows PSMiner to mine for Monero cryptocurrency.

Mining

Mining Passwords Security Risk

Linux Cryptocurrency miner leverages rootkit to avoid detection

Security Affairs

NOVEMBER 11, 2018

“We recently encountered a cryptocurrency-mining malware (detected by Trend Micro as Coinminer.Linux.KORKERDS.AB) affecting Linux systems,” reads the report published by TrendMicro. . “The rootkit component of the cryptocurrency-mining malware is a slightly modified/repurposed version of a publicly available code.

Mining

Mining IT Security

Microsoft discovers cryptomining campaign targeting Kubeflow tool for Kubernetes clusters

Security Affairs

JUNE 11, 2020

” Hackers are targeting Kubernetes clusters because nodes used from ML operations have huge computational capabilies making them ideal for fraudulent mining purposes. This fact makes Kubernetes clusters that are used for ML tasks a perfect target for crypto mining campaigns, which was the aim of this attack.”

Mining

Mining Access Security IT

French Police remotely disinfected 850,000 PCs from RETADUP bot

Security Affairs

AUGUST 28, 2019

The Retadup bot has been around since at least 2015, it was involved in several malicious campaigns aimed at delivering malware such as information stealers, ransomware and miners. Since it was the C&C server’s responsibility to give mining jobs to the bots, none of the bots received any new mining jobs to execute after this takedown.”

Mining

Mining Ransomware IT Security

New variant of Linux Botnet WatchBog adds BlueKeep scanner

Security Affairs

JULY 25, 2019

Experts at Intezer researchers have spotted a strain of the Linux mining that also scans the Internet for Windows RDP servers vulnerable to the Bluekeep. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads a blog post published by Intezer. ” reads a blog post published by Intezer.

Mining

Mining Encryption IT Security

New NRSMiner cryptominer NSA-Linked EternalBlue Exploit

Security Affairs

JANUARY 4, 2019

The service creates multiple threads to carry out several malicious activities, such as data exfiltration and mining. The updated miner is injected into the svchost.exe to start crypto-mining, if the injection fails, the service writes the miner to %systemroot%system32TrustedHostex.exe and launches it. then it deletes itself.

Mining

Mining File names IT Access

Hackers are scanning the internet for vulnerable Salt installs, Ghost blogging platform hacked

Security Affairs

MAY 4, 2020

“All traces of the crypto-mining virus were successfully eliminated yesterday, all systems remain stable, and we have not discovered any further concerns or issues on our network. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. This affects both Ghost(Pro) sites and Ghost.org billing services.”

Mining

Mining Authentication Ransomware Access

Google is indexing the phone numbers of WhatsApp users raising privacy concerns

Security Affairs

JUNE 8, 2020

mining social media accounts where the victim use the same profile picture). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – Whatsapp, privacy).

Privacy

Privacy Mining Marketing Security

Black Kingdom ransomware operators exploit Pulse VPN flaws

Security Affairs

JUNE 15, 2020

and Italy hosting Android and cryptocurrency mining malware.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. . “It [198.13.49[.]179] 179] resolves to three domains, the third one being connected to other servers in the U.S. ” reported BleepingComputer.

Ransomware

Ransomware Mining Encryption Access

Blue Mockingbird Monero-Mining campaign targets web apps

Ngrok Mining Botnet

Webinars

Trending Sources

Prometei, a new modular crypto-mining botnet exploits Windows SMB

Webinars

Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency

CoinHive Cryptocurrency Mining Service will shut down on March 8, 2019

Israel surveillance firm NSO group can mine data from major social media

Pacha Group declares war to rival crypto mining hacking groups

Google bans cryptocurrency mining apps from the official Play Store

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

New MrbMiner malware infected thousands of MSSQL DBs

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Group-IB: The Shadow Market Is Flooded with Cheap Mining Software

EVRAZ operations in North America disrupted by Ryuk ransomware

Will cryptocurrency mining soon saturate AWS, Microsoft Azure and Google Cloud?

New KryptoCibule Windows Trojan spreads via malicious torrents

Android Debugging Tools Also Useful for Compromising Devices, Mining Cryptocurrency

TeamTNT is the first cryptomining bot that steals AWS credentials

A Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanism

Previously undetected VictoryGate Botnet already infected 35,000 devices

Doki, an undetectable Linux backdoor targets Docker Servers

Other 3,700 MikroTik Routers compromised in cryptoJacking campaigns

Cryptojacking Coinhive Miners for the first time found on the Microsoft Store

Vollgar botnet has managed to infect around 3k MSSQL DB servers daily

Cryptojacking campaign uses Shodan to scan for Docker hosts to hack

A Russian cyber vigilante is patching outdated MikroTik routers exposed online

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Crooks spread malware via pirated movies during COVID-19 outbreak

WatchBog cryptomining botnet now uses Pastebin for C2

KashmirBlack, a new botnet in the threat landscape that rapidly grows

New strain of Clipsa malware launches brute-force attacks on WordPress sites

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

The City of Durham shut down its network after Ryuk Ransomware attack

Sopra Steria hit by the Ryuk ransomware gang

Crooks continue to abuse exposed Docker APIs for Cryptojacking

Romanian duo convicted of fraud Scheme infecting 400,000 computers

Modular Cryptojacking malware uses worm abilities to spread

Linux Cryptocurrency miner leverages rootkit to avoid detection

Microsoft discovers cryptomining campaign targeting Kubeflow tool for Kubernetes clusters

French Police remotely disinfected 850,000 PCs from RETADUP bot

New variant of Linux Botnet WatchBog adds BlueKeep scanner

New NRSMiner cryptominer NSA-Linked EternalBlue Exploit

Hackers are scanning the internet for vulnerable Salt installs, Ghost blogging platform hacked

Google is indexing the phone numbers of WhatsApp users raising privacy concerns

Black Kingdom ransomware operators exploit Pulse VPN flaws

Stay Connected