File names, Information Security and Mining - Information Management Today

File names

Information Security

Mining

Atlassian Confluence bug CVE-2022-26134 exploited in cryptocurrency mining campaign

Security Affairs

SEPTEMBER 22, 2022

Threat actors are targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign. Trend Micro researchers warn of an ongoing crypto mining campaign targeting Atlassian Confluence servers affected by the CVE-2022-26134 vulnerability. The gap is being abused for malicious cryptocurrency mining.”

Mining

Mining File names Ransomware Cloud

Prometei, a new modular crypto-mining botnet exploits Windows SMB

Security Affairs

JULY 22, 2020

Prometei is a crypto-mining botnet that recently appeared in the threat landscape, it exploits the Microsoft Windows SMB protocol for lateral movements. Security experts from Cisco Talos discovered a new crypto-mining botnet, tracked as Prometei, that exploits the Microsoft Windows SMB protocol for lateral movements.

Mining

Mining File names Passwords Communications

Join 55,000+

Insiders

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Trending Sources

Microsoft warns of Dexphot miner, an interesting polymorphic threat

Security Affairs

NOVEMBER 26, 2019

Security experts at Microsoft analyzed a new strain of cryptocurrency miner tracked as Dexphot that has been active since at least October 2018. The malicious code abuse of the resources of the infected machine to mine cryptocurrency , according to the experts it has already infected 80,000 computers worldwide.

File names

File names Encryption Mining Security

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Crackonosh Monero miner made $2M after infecting 222,000 Win systems

Security Affairs

JUNE 27, 2021

Researchers have discovered a strain of cryptocurrency-mining malware, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. . The final stage of the Crackonosh attack chain is the installation of the coinminer XMRig to mine the Monero (XMR) cryptocurrency. Follow me on Twitter: @securityaffairs and Facebook.

Mining

Mining File names Security IT

Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

Security Affairs

JULY 11, 2024

“Therefore, it is recommended that users conduct a comprehensive asset assessment, verify their usage scenarios, and update PHP to the latest version to ensure security. The botnet shell script downloads an ELF file named “pty3” from a different IP address, likely a sample of Muhstik malware.

Honeypots

Honeypots File names Mining IoT

ExCobalt Cybercrime group targets Russian organizations in multiple sectors

Security Affairs

JUNE 24, 2024

Over the past year, ExCobalt targeted Russian organizations in the the following industries: Metallurgy Telecommunications Mining Information technology Government Software development The Cobalt’s hallmark was the use of the CobInt tool , the same tool that ExCobalt began using in 2022.

File names

File names Communications Mining Archiving

BlackSquid malware uses multiple exploits to drop cryptocurrency miners

Security Affairs

JUNE 5, 2019

“This malware, which we named BlackSquid after the registries created and main component file names, is particularly dangerous for several reasons.” “Simultaneous with its attacks, BlackSquid also downloads and executes two XMRig cryptocurrency-mining components.! ” states Trend Micro.

Mining

Mining File names Libraries IT

Crooks exploit exposed Docker APIs to build AESDDoS botnet

Security Affairs

JUNE 15, 2019

. “A batch file first executes the WinEggDrop scanner (s.exe), which tries port 2375 on various hosts with Chinese IP address ranges specified in the ip.txt file.” “The output of this command is saved into a file named ips.txt, which is then fed into the Docker.exe file.

File names

File names Mining Access Communications

Experts spotted P2P worm spreading Crypto-Miners in the wild

Security Affairs

JULY 23, 2019

Recently, our threat monitoring operations pointed us to an interesting file named “ Lucio Dalla Discografia Completa ”: this file pretends to be a collection of the discography of a famous I talian singer, but it actually hides malicious intents. . Code Snippet 1: Copy of the files in a subfolder. tmp” and “64.tmp”,

Archiving

Archiving Mining File names Risk

Nansh0u campaign already infected 50,000 MS-SQL and PHPMyAdmin Servers

Security Affairs

MAY 29, 2019

The payloads used in this campaign were droppers used to deliver a cryptocurrency miner to mine TurtleCoin cryptocurrency. Experts observed many payloads dropping a kernel-mode driver using ransom file names and placed them in AppData/Local/Temp. .” continues the analysis.

File names

File names Mining Security Cybersecurity

Atlassian Confluence bug CVE-2022-26134 exploited in cryptocurrency mining campaign

Prometei, a new modular crypto-mining botnet exploits Windows SMB

Webinars

Trending Sources

Microsoft warns of Dexphot miner, an interesting polymorphic threat

Webinars

Crackonosh Monero miner made $2M after infecting 222,000 Win systems

Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

ExCobalt Cybercrime group targets Russian organizations in multiple sectors

BlackSquid malware uses multiple exploits to drop cryptocurrency miners

Crooks exploit exposed Docker APIs to build AESDDoS botnet

Experts spotted P2P worm spreading Crypto-Miners in the wild

Nansh0u campaign already infected 50,000 MS-SQL and PHPMyAdmin Servers

Stay Connected