The Ukrainian Secret Service is investigating the case of employees at a nuclear power plant that connected its system online to mine cryptocurrency. The security incident happened in July at the South Ukraine Nuclear Power Plant at Yuzhnoukrainsk, in the south of the country. ” reported ZDnet. Pierluigi Paganini.
Two hacking groups associated with large-scale crypto mining campaigns, Pacha Group and Rocke Group, wage war to compromise as much cloud-based infrastructure as possible. The first group, tracked as Pacha Group, has Chinese origins; it was first detected in September 2018 and is known to deliver the Linux.GreedyAntd miner.
com , a cryptocurrency mining service that has been heavily abused to force hacked Web sites to mine virtual currency. Coinhive took a whopping 30 percent of the cut of all Monero currency mined by its code, and this presented something of a conflict of interest when it came to stopping the rampant abuse of its platform.
Security experts from Kaspersky have published an interesting report on the new trends in the IoT threat landscape. In the first six months of 2018, the experts observed three times as many malware samples targeting IoT devices as in the whole of 2017. (Security Affairs – IoT devices, hacking).
Palo Alto Networks warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. Security researchers at Palo Alto Networks uncovered a cryptojacking botnet, tracked as WatchDog, that is targeting Windows and Linux systems. Redis Spring Data Commons CVE-2018-1273, versions prior to 1.13-1.13.10,
Experts warn of the KryptoCibule Windows malware that has been active since late 2018 and has targeted users in the Czech Republic and Slovakia. Security researchers from ESET have shared technical details of a new piece of Windows malware tracked as KryptoCibule. The second one is only used if a dedicated GPU is found on the host.
Illicit crypto mining is advancing apace. It began when threat actors began stealthily embedding crypto mining functionality into the web browsers of unwitting individuals. Related article: Illicit crypto mining hits cloud services. It’s likely IT and security teams won’t find the infection for months.
Group-IB, an international company specializing in the prevention of cyberattacks, is recording new outbreaks of illegal mining (cryptojacking) threats in the networks of commercial and state organizations.
Cybersecurity researchers spotted a crypto-mining botnet, tracked as Vollgar, that has been hijacking MSSQL servers since at least 2018. Researchers at Guardicore Labs discovered a crypto-mining botnet, tracked as the Vollgar botnet, that has been targeting MSSQL databases since 2018. Pierluigi Paganini.
Thousands of unpatched MikroTik Routers are involved in new cryptocurrency mining campaigns. The exploit code for the CVE-2018-14847 vulnerability is becoming a commodity in the hacking underground; just after its disclosure, crooks started using it to compromise MikroTik routers. Summarizing, more than 370,000 of 1.2
2018 was the year of the Internet of Things (IoT): massive attacks and various botnets hit smart devices. These are 5 IoT Security Predictions for 2019. IoT Attacks in 2018. Yet, the major attack of 2018 was definitely VPNFilter, hitting over half a million devices, mostly routers, from a wide range of known vendors.
Researchers have discovered a strain of cryptocurrency-mining malware, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. Later the experts discovered that Crackonosh was also able to disable antivirus software from other major security vendors to avoid detection, including Windows Defender and Windows Update.
Security experts from Akamai have spotted a new botnet used for illicit cryptocurrency mining activities that abuses Bitcoin (BTC) transactions to implement a backup mechanism for C2. The operators of a long-running crypto-mining botnet campaign began creatively disguising their backup C2 IP address on the Bitcoin blockchain.”
Cybersecurity experts at CyberNews hijacked close to 28,000 unsecured printers worldwide and forced them to print out a guide on printer security. Most of us already know the importance of using antivirus, anti-malware, and VPNs to secure our computers, phones, and other devices against potential attacks. Original post: [link].
Earlier in August, experts uncovered a massive cryptojacking campaign that was targeting MikroTik routers to inject a Coinhive cryptocurrency mining script in the web traffic. In September thousands of unpatched MikroTik Routers were involved in new cryptocurrency mining campaigns. Pierluigi Paganini.
According to the threat intelligence firm Volexity, the CVE-2018-11776 vulnerability is already being abused in malicious attacks in the wild. Just yesterday I wrote about the availability online of the exploit code for the recently discovered Critical remote code execution vulnerability CVE-2018-11776 in Apache Struts 2.
Every week the best security articles from Security Affairs free for you in your email box. Pierluigi Paganini.
Security experts at Symantec have discovered eight potentially unwanted applications (PUAs) in the Microsoft Store that were dropping cryptojacking Coinhive miners. “As soon as the apps are downloaded and launched, they fetch a coin-mining JavaScript library by triggering Google Tag Manager (GTM) in their domain servers.
Security researchers from Palo Alto Networks have discovered a new botnet, tracked as PgMiner, that targets PostgreSQL databases running on Linux servers to install a cryptocurrency miner. In 2018, CVE-2019-9193 was linked to this feature, naming it as a “vulnerability.” ” continues the analysis. ” concludes the analysis.
In April, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) previously warned of attacks carried out by APT groups targeting Fortinet FortiOS servers using multiple exploits. The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379; CVE-2020-12812; CVE-2019-5591.
A new cryptocurrency-mining botnet tracked as WatchBog is heavily using the Pastebin service for command and control (C&C) operations. Cisco Talos researchers discovered a new cryptocurrency-mining botnet, tracked as WatchBog, that is heavily using the Pastebin service for command and control. ” continues Talos. Pierluigi Paganini.
The best news of the week with Security Affairs. Evolution of threat landscape for IoT devices – H1 2018. Adobe issued a critical out-of-band patch to address CVE-2018-12848 Acrobat flaw. Ngrok Mining Botnet. Security Affairs – Newsletter ). A new round of the weekly SecurityAffairs newsletter arrived! Paper Copy.
In January, the Federal Bureau of Investigation (FBI), National Security Agency (NSA), US Cyber Command, and international partners released a joint Cybersecurity Advisory (CSA) to warn that Russia-linked threat actors are using compromised Ubiquiti EdgeRouters to evade detection in cyber operations worldwide. ” reported Trend Micro.
As first reported here last year , First American’s website exposed 16 years worth of digitized mortgage title insurance records — including bank account numbers and statements, mortgage and tax records, Social Security numbers, wire transaction receipts, and drivers license images. In the days that followed, the DFS and U.S.
Guy Fawkes Day, November 5th 2018 – LulzSec Italy announced credit for a string of hacks and leaks targeting numerous systems and websites across Italy. In celebration of Guy Fawkes Day, November 5th 2018, LulzSec Italy announced credit for a massive string of hacks and leaks targeting numerous systems and websites across Italy.
The best news of the week with Security Affairs. If you appreciate my effort in spreading cybersecurity awareness, please vote for Security Affairs in the section “Your Vote for the Best EU Security Tweeter” [link]. Security breach suffered by credit bureau Equifax has cost $1.4 Kindle Edition. Paper Copy.
Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. Clipsa is a malware that is well known to the cyber security community; it is able to steal cryptocurrency via clipboard hijacking and mine cryptocurrency after installing a miner.
The best news of the week with Security Affairs. Cyber Command disrupted blocked Russian troll factory during 2018 midterms. CoinHive Cryptocurrency Mining Service will shut down on March 8, 2019. The post Security Affairs newsletter Round 203 – News of the week appeared first on Security Affairs. Kindle Edition.
Intezer researchers have spotted a strain of Linux mining malware that also scans the Internet for Windows RDP servers vulnerable to BlueKeep. The post New variant of Linux Botnet WatchBog adds BlueKeep scanner appeared first on Security Affairs. ” reads a blog post published by Intezer. Pierluigi Paganini.
Security experts from IBM are targeting Drupal vulnerabilities, including the CVE-2018-7600 and CVE-2018-7602 flaws, aka Drupalgeddon2 and Drupalgeddon3, to install a backdoor on the infected systems and take full control of the hosted platforms. (Security Affairs – Drupal, hacking). Pierluigi Paganini.
The Windows botnet has been active since late 2017; it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. The post DirtyMoe botnet infected 100,000+ Windows systems in H1 2021 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.
Security experts at Microsoft analyzed a new strain of cryptocurrency miner tracked as Dexphot that has been active since at least October 2018. The malicious code abuses the resources of the infected machine to mine cryptocurrency; according to the experts, it has already infected 80,000 computers worldwide.
The security firm Qihoo 360 Netlab discovered more than 7,500 MikroTik routers that have been compromised to enable Socks4 proxy maliciously. Earlier in August, experts uncovered a massive cryptojacking campaign that was targeting MikroTik routers to inject a Coinhive cryptocurrency mining script in the web traffic. Pierluigi Paganini.
CVE-2020-14882 Oracle WebLogic Server RCE, and CVE-2018-20062 ThinkPHP RCE) and targeting sites and systems protected with weak administrative credentials. Upon infecting a system, the malware abuses its resources to mine cryptocurrency. The malware spread through attacks exploiting known vulnerabilities (i.e. Pierluigi Paganini.
“This could be through a loss of mining time or expenditure of electricity by shutting down nodes and delaying blocks or causing the network to temporarily partition.” The post INVDoS, a severe DoS issue in Bitcoin core remained undisclosed for two years appeared first on Security Affairs. ” continues the paper.
” The malware was first spotted in February 2018 by researchers from Proofpoint when the bot was using the EternalBlue exploit to infect Windows computers and recruit them in Monero cryptocurrency mining activities. The post MyKings botnet operators already amassed at least $24 million appeared first on Security Affairs.
However, these attacks aren’t due to exchange security flaws; malicious actors are exploiting the underlying consensus protocols of blockchains themselves. In 2018, a 51% attack on Bitcoin Gold absconded with over $18M, and the attack was estimated to cost less than $200k to execute.
Trend Micro recently discovered an Android crypto-currency mining botnet that can spread via open ADB (Android Debug Bridge) ports and Secure Shell (SSH). Security researchers at Trend Micro have discovered a new Android crypto-currency mining botnet that spreads via open ADB (Android Debug Bridge) ports and Secure Shell (SSH).
The Windows botnet has been active since late 2017; it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. ” reads the alert published by CERT-UA. Experts defined DirtyMoe as a complex malware that has been designed as a modular system.
“Starting in mid-November 2018, our telemetry reports indicate that the newest version of the NRSMiner cryptominer, which uses the Eternal Blue exploit to propagate to vulnerable systems within a local network, is actively spreading in Asia. ” reads the analysis published by F-Secure. then it deletes itself.
Security experts at 360 Total Security have discovered a new modular cryptocurrency malware that implements worm capabilities to spread. “Recently, 360 Total Security team intercepted a new worm PsMiner written in Go, which uses CVE-2018-1273, CVE-2017-10271, CVE-2015-1427, CVE-2014-3120 and other high-risk vulnerabilities ?
to mine Monero, unlike 2019 variant, it uses a Python infection script to implement “wormable” capabilities. Rocke Group has been active at least since 2018 by Cisco Talos, their cryptomining operations have evolved over time with new features and evasion techniques. ” continues the analysis. Pierluigi Paganini.
Security experts spotted a new botnet, tracked as KashmirBlack botnet, that likely infected hundreds of thousands of websites since November 2019. The primary purpose of the KashmirBlack botnet is to abuse resources of compromised systems for cryptocurrency mining and redirecting a site’s legitimate traffic to spam pages.