2018 and Mining - Information Management Today

Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency

Security Affairs

AUGUST 23, 2019

The Ukrainian Secret Service is investigating the case of employees at a nuclear power plant that connected its system online to mine cryp tocurrency. On July 10, agents of the SBU raided the nuclear power plant and discovered the equipment used by the employees to mining cryptocurrency. ” reported ZDnet. Pierluigi Paganini.

Mining

Mining Military Security Access

Cloud-Based Cryptocurrency mining attacks abuse GitHub Actions and Azure VM

Security Affairs

JULY 12, 2022

Researchers investigated cloud-based cryptocurrency mining attacks targeting GitHub Actions and Azure VMs. Researchers from Trend Micro published a report that details cloud-based cryptocurrency mining attacks targeting GitHub Actions and Azure VMs and the threat actors behind them. SecurityAffairs – hacking, cryptocurrency mining).

Mining

Mining Cloud IoT IT

Pacha Group declares war to rival crypto mining hacking groups

Security Affairs

MAY 12, 2019

Two hacking groups associated with large-scale crypto mining campaigns, Pacha Group and Rocke Group , wage war to compromise as much as possible cloud-based infrastructure. The first group tracked as Pacha Group has Chinese origins, it was first detected in September 2018 and is known to deliver the Linux.GreedyAntd miner.

Mining

Mining Cloud Security IT

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Crypto Mining Service Coinhive to Call it Quits

Krebs on Security

FEBRUARY 27, 2019

com , a cryptocurrency mining service that has been heavily abused to force hacked Web sites to mine virtual currency. Coinhive took a whopping 30 percent of the cut of all Monero currency mined by its code, and this presented something of a conflict of interest when it came to stopping the rampant abuse of its platform.

Mining

Mining IT Blockchain Access

Evolution of threat landscape for IoT devices – H1 2018

Security Affairs

SEPTEMBER 19, 2018

In the first six months of 2018, the experts observed a number of malware samples that was up three times as many samples targeting IoT devices as in the whole of 2017. “As we see, in Q2 2018 the leader by number of unique IP addresses from which Telnet password attacks originated was Brazil (23%). ” reads the report.

IoT

IoT Honeypots Passwords Mining

New KryptoCibule Windows Trojan spreads via malicious torrents

Security Affairs

SEPTEMBER 2, 2020

Experts warn of the KryptoCibule Windows malware that has been active since late 2018 and has targeted users in the Czech Republic and Slovakia. The malware has been active since at least December 2018, it targets cryptocurrency users as a triple threat. The second one is only used if a dedicated GPU is found on the host.

Mining

Mining Communications IT Security

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

Security Affairs

FEBRUARY 18, 2021

PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. 27, 2019 and already mined at least 209 Monero (XMR), valued to be around $32,056 USD. Redis Spring Data Commons CVE-2018-1273, versions prior to 1.13-1.13.10, x before 1.4.3) 1.13.10, 2.0-2.0.5

Mining

Mining Cloud Access Security

Q&A: Crypto jackers redirect illicit mining ops to bigger targets — company servers

The Last Watchdog

AUGUST 3, 2018

Illicit crypto mining is advancing apace. It began when threat actors began stealthily embedding crypto mining functionality into the web browsers of unwitting individuals. Related article: Illicit crypto mining hits cloud services. Arsene: It’s important to understand that crypto mining may seem benign.

Mining

Mining Data breaches Ransomware Cloud

Group-IB: The Shadow Market Is Flooded with Cheap Mining Software

Security Affairs

AUGUST 11, 2018

Group-IB is recording new outbreaks of illegal mining (cryptojacking) threats in the networks of commercial and state organizations. Group-IB, an international company specializing in the prevention of cyberattacks, is recording new outbreaks of illegal mining (cryptojacking) threats in the networks of commercial and state organizations.

Mining

Mining Marketing IoT Compliance

Vollgar botnet has managed to infect around 3k MSSQL DB servers daily

Security Affairs

APRIL 1, 2020

Cybersecurity researchers spotted a crypto-mining botnet, tracked as Vollgar, that has been hijacking MSSQL servers since at least 2018. Researchers at Guardicore Labs discovered a crypto-mining botnet , tracked as Vollgar botnet , that is targeting MSSQL databases since 2018.

Mining

Mining Passwords Education Cybersecurity

Other 3,700 MikroTik Routers compromised in cryptoJacking campaigns

Security Affairs

SEPTEMBER 10, 2018

Thousands of unpatched MikroTik Routers are involved in new cryptocurrency mining campaigns. The exploit code for the CVE-2018-14847 vulnerabilities is becoming a commodity in the hacking underground, just after its disclosure crooks started using it to compromise MikroTik routers. Summarizing, more than 370,000 of 1.2

Mining

Mining IoT Libraries Security

Critical Apache Struts flaw CVE-2018-11776 exploited in attacks in the wild

Security Affairs

AUGUST 28, 2018

According to the threat intelligence firm Volexity, the CVE-2018-11776 vulnerability is already being abused in malicious attacks in the wild. Just yesterday I wrote about the availability online of the exploit code for the recently discovered Critical remote code execution vulnerability CVE-2018-11776 in Apache Struts 2.

Mining

Mining IoT Risk IT

A Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanism

Security Affairs

FEBRUARY 24, 2021

Security experts from Akamai have spotted a new botnet used for illicit cryptocurrency mining activities that are abusing Bitcoin (BTC) transactions to implement a backup mechanism for C2. The operators of a long-running crypto-mining botnet campaign began creatively disguising their backup C2 IP address on the Bitcoin blockchain.”

Blockchain

Blockchain Mining Honeypots Security

Crackonosh Monero miner made $2M after infecting 222,000 Win systems

Security Affairs

JUNE 27, 2021

Researchers have discovered a strain of cryptocurrency-mining malware, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. . The final stage of the Crackonosh attack chain is the installation of the coinminer XMRig to mine the Monero (XMR) cryptocurrency.

Mining

Mining File names Security IT

A Russian cyber vigilante is patching outdated MikroTik routers exposed online

Security Affairs

OCTOBER 14, 2018

Earlier August, experts uncovered a massive crypto jacking campaign that was targeting MikroTik routers to inject a Coinhive cryptocurrency mining script in the web traffic. In September thousands of unpatched MikroTik Routers were involved in new cryptocurrency mining campaigns.

Mining

Mining Systems administration Security Access

WatchBog cryptomining botnet now uses Pastebin for C2

Security Affairs

SEPTEMBER 13, 2019

A new cryptocurrency-mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control (C&C) operations. Cisco Talos researchers discovered a new cryptocurrency -mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control. ” continues Talos.

Mining

Mining IT Security Information Security

Cryptojacking Coinhive Miners for the first time found on the Microsoft Store

Security Affairs

FEBRUARY 15, 2019

. “As soon as the apps are downloaded and launched, they fetch a coin-mining JavaScript library by triggering Google Tag Manager (GTM) in their domain servers. The mining script then gets activated and begins using the majority of the computer’s CPU cycles to mine Monero for the operators.”

Mining

Mining Libraries Analytics Security

PgMiner botnet exploits disputed CVE to hack unsecured PostgreSQL DBs

Security Affairs

DECEMBER 13, 2020

In 2018, CVE-2019-9193 was linked to this feature, naming it as a “vulnerability.” “We believe PGMiner is the first cryptocurrency mining botnet that is delivered via PostgreSQL.” . “The feature in PostgreSQL under exploitation is “copy from program,” which was introduced in version 9.3

Mining

Mining Passwords Authentication Access

APT hacked a US municipal government via an unpatched Fortinet VPN

Security Affairs

MAY 27, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. In April, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) previously warned of attacks carried out by APT groups targeting Fortinet FortiOS servers using multiple exploits.

Government

Government Mining Archiving Encryption

New variant of Linux Botnet WatchBog adds BlueKeep scanner

Security Affairs

JULY 25, 2019

Experts at Intezer researchers have spotted a strain of the Linux mining that also scans the Internet for Windows RDP servers vulnerable to the Bluekeep. ” reads a blog post published by Intezer. ” reads a blog post published by Intezer. ” continues the analysis.

Mining

Mining Encryption IT Security

NY Charges First American Financial for Massive Data Leak

Krebs on Security

JULY 23, 2020

Worse still, the DFS found, the vulnerability was discovered in a penetration test First American conducted on its own in December 2018. But in Wednesday’s filing, the DFS said First American was unable to determine whether records were accessed prior to Jun 2018.

Insurance

Insurance Financial Services Mining Access

New strain of Clipsa malware launches brute-force attacks on WordPress sites

Security Affairs

AUGUST 8, 2019

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is a malware that is well known to cyber security community is able to steal cryptocurrency via clipoard hijacking and mine cryptocurrency after installing a miner. .

Mining

Mining Passwords IT Security

Experts warn of 7,500+ MikroTik Routers that are hijacking owners’ traffic

Security Affairs

SEPTEMBER 4, 2018

Earlier August, experts uncovered a massive crypto jacking campaign that was targeting MikroTik routers to inject a Coinhive cryptocurrency mining script in the web traffic. ” According to the researchers, since Mid-July the hackers are exploiting the CVE-2018-14847 vulnerability in MikroTik routers to carry out the attacks.

Mining

Mining Access Communications Security

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Security Affairs

NOVEMBER 9, 2018

Guy Fawkes Day, November 5th 2018 – LulzSec Italy announced credit a string of hacks and leaks targeting numerous systems and websites across Italy. In celebration of Guy Fawkes Day, November 5th 2018, LulzSec Italy announced credit for a massive string of hacks and leaks targeting numerous systems and websites across Italy.

Passwords

Passwords Archiving Mining Education

Cybercriminals Dive Into Cryptomining Pools to Launder Funds

Data Breach Today

JUNE 16, 2023

Ransomware Attackers Sent $10M to Mining Services in Q1 2023, Up From $10K in 2018 Ransomware actors are using the thing that verifies crypto transactions - mining - to their advantage.

Mining

Mining Ransomware

Cryptojacking Displaces Ransomware as Top Malware Threat

Data Breach Today

JULY 5, 2018

Criminals' Quest for Cryptocurrency Continues If 2017 was the year of ransomware innovation, 2018 is well on its way to being known as the year of cryptocurrency mining malware. Numerous studies have found that the most seen malware attacks today are designed for cryptojacking.

Ransomware

Ransomware Mining IT

Russia-linked APT28 and crooks are still using the Moobot botnet

Security Affairs

MAY 3, 2024

” reported Trend Micro. “Apart from the EdgeRouter devices, we also found compromised Raspberry Pi and other internet-facing devices in the botnet. ” concludes the report.

Healthcare

Healthcare Phishing Mining e-Discovery

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Security Affairs

JUNE 22, 2021

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. Experts defined DirtyMoe as a complex malware that has been designed as a modular system.

Mining

Mining Passwords Communications IT

INVDoS, a severe DoS issue in Bitcoin core remained undisclosed for two years

Security Affairs

SEPTEMBER 12, 2020

“This could be through a loss of mining time or expenditure of electricity by shutting down nodes and delaying blocks or causing the network to temporarily partition.” Two years ago, the Bitcoin protocol engineer Braydon Fuller. ” continues the paper.

Blockchain

Blockchain Paper Mining IT

MyKings botnet operators already amassed at least $24 million

Security Affairs

OCTOBER 13, 2021

” The malware was first spotted in February 2018 by researchers from Proofpoint when the bot was using the EternalBlue exploit to infect Windows computers and recruit them in Monero cryptocurrency mining activities.

ROT

ROT Mining Encryption IT

New Go malware Capoae uses multiple flaws to target WordPress installs, Linux systems

Security Affairs

SEPTEMBER 17, 2021

CVE-2020-14882 Oracle WebLogic Server RCE, and CVE-2018-20062 ThinkPHP RCE) and targeting sites and systems protected with weak administrative credentials. Upon infecting a system, the malware abuses its resources to mine cryptocurrency. . The malware spread through attacks exploiting known vulnerabilities (i.e.

Honeypots

Honeypots Mining Encryption Access

Hackers targeting Drupal vulnerabilities to install the Shellbot Backdoor

Security Affairs

OCTOBER 12, 2018

Security experts from IBM are targeting Drupal vulnerabilities, including the CVE-2018-7600 and CVE-2018-7602 flaws, aka Drupalgeddon2 and Drupalgeddon3 , to install a backdoor on the infected systems and tack full control of the hosted platforms. ” states the post published by IBM.

Mining

Mining Security IT

New NRSMiner cryptominer NSA-Linked EternalBlue Exploit

Security Affairs

JANUARY 4, 2019

“Starting in mid-November 2018, our telemetry reports indicate that the newest version of the NRSMiner cryptominer, which uses the Eternal Blue exploit to propagate to vulnerable systems within a local network, is actively spreading in Asia. then it deletes itself.

Mining

Mining File names IT Access

PurpleFox malware infected at least 2,000 computers in Ukraine

Security Affairs

FEBRUARY 2, 2024

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. Experts defined DirtyMoe as a complex malware that has been designed as a modular system.

Mining

Mining Passwords Government IT

Android Botnet leverages ADB ports and SSH to spread

Security Affairs

JUNE 22, 2019

Trend Micro recently discovered an Android crypto-currency mining botnet that can spread via open ADB (Android Debug Bridge) ports and Secure Shell (SSH). Security researchers at Trend Micro have discovered an new Android crypto-currency mining botnet that spreads via open ADB ( Android Debug Bridge ) ports and Secure Shell (SSH).

Mining

Mining Honeypots Authentication Communications

Annual Protest Raises $250K to Cure Krebs

Krebs on Security

MARCH 31, 2019

For the second year in a row, denizens of a large German-language online forum have donated more than USD $250,000 to cancer research organizations in protest of a story KrebsOnSecurity published in 2018 that unmasked the creators of Coinhive , a now-defunct cryptocurrency mining service that was massively abused by cybercriminals.

Mining

Mining Privacy IT

Smominru Botnet continues to rapidly spread worldwide

Security Affairs

SEPTEMBER 19, 2019

In February 2018, researchers from Proofpoint discovered a huge botnet dubbed ‘Smominru’ that was using the EternalBlue exploit to infect Windows computers and recruit them in Monero cryptocurrency mining activities.

Mining

Mining Access IT Security

Microsoft warns of Dexphot miner, an interesting polymorphic threat

Security Affairs

NOVEMBER 26, 2019

Security experts at Microsoft analyzed a new strain of cryptocurrency miner tracked as Dexphot that has been active since at least October 2018. The malicious code abuse of the resources of the infected machine to mine cryptocurrency , according to the experts it has already infected 80,000 computers worldwide.

File names

File names Encryption Mining Security

New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle WebLogic, and Redis installs

Security Affairs

JANUARY 31, 2021

to mine Monero, unlike 2019 variant, it uses a Python infection script to implement “wormable” capabilities. Rocke Group has been active at least since 2018 by Cisco Talos, their cryptomining operations have evolved over time with new feature and evasion techniques. ” continues the analysis.

Cloud

Cloud Libraries Mining IT

Beapy Cryptojacking campaign leverages EternalBlue exploit to spread

Security Affairs

APRIL 26, 2019

.” Experts observed a spike in the activity of Beapy in March: Since Coinhive cryptocurrency mining service shut down in March, experts observed a drop in cryptojacking attacks. Unlike Coinhive, Beapy is a file-based miner that must be installed by attackers on the victims’ machines in order to mine cryptocurrency.

Mining

Mining Archiving Phishing Passwords

Oracle critical patch advisory addresses 284 flaws, 33 critical

Security Affairs

JANUARY 18, 2019

The critical patch advisory for 2019 also fixed the CVE-2018-11776 vulnerability in the OCA’s Communications Policy Management Component, this issue was exploited in 2018 by threat actors to mine cryptocurrency.

Financial Services

Financial Services Libraries Mining Retail

Modular Cryptojacking malware uses worm abilities to spread

Security Affairs

MARCH 13, 2019

“Recently, 360 Total Security team intercepted a new worm PsMiner written in Go, which uses CVE-2018-1273, CVE-2017-10271, CVE-2015-1427, CVE-2014-3120 and other high-risk vulnerabilities ? The final stage payload is the open source Xmrig CPU miner that allows PSMiner to mine for Monero cryptocurrency.

Mining

Mining Passwords Security Risk

The Long Run of Shade Ransomware

Security Affairs

FEBRUARY 19, 2019

As stated in a recent Eset report , the Shade infection had an increase during October 2018, keeping a constant trend until the second half of December 2018, taking a break around Christmas, and then resuming in mid-January 2019 doubled in size (shown in Figure 1). Information about miner executable. Conclusions.

Ransomware

Ransomware Mining File names Encryption

KashmirBlack, a new botnet in the threat landscape that rapidly grows

Security Affairs

OCTOBER 26, 2020

The primary purpose of the KashmirBlack botnet is to abuse resources of compromised systems for cryptocurrency mining and redirecting a site’s legitimate traffic to spam pages. .” reads the first part of two reports published by the experts detailing the DevOps implementation behind the botnet.

CMS

CMS Mining Communications Security

Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency

Cloud-Based Cryptocurrency mining attacks abuse GitHub Actions and Azure VM

Webinars

Trending Sources

Pacha Group declares war to rival crypto mining hacking groups

Webinars

Crypto Mining Service Coinhive to Call it Quits

Evolution of threat landscape for IoT devices – H1 2018

New KryptoCibule Windows Trojan spreads via malicious torrents

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

Q&A: Crypto jackers redirect illicit mining ops to bigger targets — company servers

Group-IB: The Shadow Market Is Flooded with Cheap Mining Software

Vollgar botnet has managed to infect around 3k MSSQL DB servers daily

Other 3,700 MikroTik Routers compromised in cryptoJacking campaigns

Critical Apache Struts flaw CVE-2018-11776 exploited in attacks in the wild

A Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanism

Crackonosh Monero miner made $2M after infecting 222,000 Win systems

A Russian cyber vigilante is patching outdated MikroTik routers exposed online

WatchBog cryptomining botnet now uses Pastebin for C2

Cryptojacking Coinhive Miners for the first time found on the Microsoft Store

PgMiner botnet exploits disputed CVE to hack unsecured PostgreSQL DBs

APT hacked a US municipal government via an unpatched Fortinet VPN

New variant of Linux Botnet WatchBog adds BlueKeep scanner

NY Charges First American Financial for Massive Data Leak

New strain of Clipsa malware launches brute-force attacks on WordPress sites

Experts warn of 7,500+ MikroTik Routers that are hijacking owners’ traffic

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Cybercriminals Dive Into Cryptomining Pools to Launder Funds

Cryptojacking Displaces Ransomware as Top Malware Threat

Russia-linked APT28 and crooks are still using the Moobot botnet

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

INVDoS, a severe DoS issue in Bitcoin core remained undisclosed for two years

MyKings botnet operators already amassed at least $24 million

New Go malware Capoae uses multiple flaws to target WordPress installs, Linux systems

Hackers targeting Drupal vulnerabilities to install the Shellbot Backdoor

New NRSMiner cryptominer NSA-Linked EternalBlue Exploit

PurpleFox malware infected at least 2,000 computers in Ukraine

Android Botnet leverages ADB ports and SSH to spread

Annual Protest Raises $250K to Cure Krebs

Smominru Botnet continues to rapidly spread worldwide

Microsoft warns of Dexphot miner, an interesting polymorphic threat

New Pro-Ocean crypto-miner targets Apache ActiveMQ, Oracle WebLogic, and Redis installs

Beapy Cryptojacking campaign leverages EternalBlue exploit to spread

Oracle critical patch advisory addresses 284 flaws, 33 critical

Modular Cryptojacking malware uses worm abilities to spread

The Long Run of Shade Ransomware

KashmirBlack, a new botnet in the threat landscape that rapidly grows

Stay Connected