Remove Encryption Remove Libraries Remove Mining
article thumbnail

Blue Mockingbird Monero-Mining campaign targets web apps

Security Affairs

Crooks exploit CVE-2019-18935 deserialization vulnerability to achieve remote code execution in Blue Mockingbird Monero-Mining campaign. This issue could be exploited only when the encryption keys are obtained via a separate attack, meaning that the attackers have to chain more exploits in their campaigns. Pierluigi Paganini.

Mining 126
article thumbnail

TeamTNT group uses Hildegard Malware to target Kubernetes Systems

Security Affairs

The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. The malware deploys the XMRig mining tool to mine Monero cryptocurrency. It also hides malicious processes using library injection and encrypts the malicious payload.

Mining 117
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Phishing campaign targets LATAM e-commerce users with Chaes Malware

Security Affairs

bin, researchers also observed the use of a cryptocurrency mining module. . Experts observed several variants over the recent months, it authors have improved encryption and implemented new functionality of the final Node.js The malware also installs three other files, hhc.exe, hha.dll and chaes1.bin,

Phishing 131
article thumbnail

The Long Run of Shade Ransomware

Security Affairs

This file acts as downloader in the infection chain, using a series of hard-coded server addresses, It heavily rely on obfuscation and encryption to avoid the antimalware detection. Shade encrypts all the user files using an AES encryption scheme. Background of the infected machine, after encryption phase. Conclusions.

article thumbnail

Twitter Hacking for Profit and the LoLs

Krebs on Security

“can u edit that comment out, @tankska is a gaming twitter of mine and i dont want it to be on ogu :D’,” lol wrote. ” Chaewon responds in the affirmative, and asks the other user to share his account name on Wickr , an encrypted online messaging app that automatically deletes messages after a few days.

Access 301
article thumbnail

Security Affairs newsletter Round 228

Security Affairs

A backdoor mechanism found in tens of Ruby libraries. million to allow towns to access encrypted data. Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency. Malware Analysis Sandboxes could expose sensitive data of your organization. 5 Ways to Protect Yourself from IP Address Hacking.

article thumbnail

The Hacker Mind Podcast: Fuzzing Crypto

ForAllSecure

Guido Vranken returns to The Hacker Mind to discuss his CryptoFuzz tool on GitHub, as well as his experience fuzzing and finding vulnerabilities in cryptographic libraries and also within cryptocurrencies such as Ethereum. Nor am I going to wade into the debate about the ecological consequences of mining cryptocurrencies.