Information Security, Mining and Security - Information Management Today

Attackers are abusing GitHub infrastructure to mine cryptocurrency

Security Affairs

APRIL 3, 2021

The popular code repository hosting service GitHub is investigating a crypto-mining campaign abusing its infrastructure. Code repository hosting service GitHub launched an investigation in a series of attacks aimed at abusing its infrastructure to illicitly mine cryptocurrency. SecurityAffairs – hacking, mining).

Mining

Mining Security IT Information Security

UnityMiner targets unpatched QNAP NAS in cryptocurrency mining campaign

Security Affairs

MARCH 8, 2021

Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. The mining program is composed of unity_install.sh In January, the Taiwanese vendor QNAP published a security advisory to warn customers of a new piece of malware named Dovecat that was targeting NAS devices.

Mining

Mining Ransomware Security IT

Blue Mockingbird Monero-Mining campaign targets web apps

Security Affairs

MAY 10, 2020

Crooks exploit CVE-2019-18935 deserialization vulnerability to achieve remote code execution in Blue Mockingbird Monero-Mining campaign. “Blue Mockingbird is the name we’ve given to a cluster of similar activity we’ve observed involving Monero cryptocurrency-mining payloads in dynamic-link library (DLL) form on Windows systems.”

Mining

Mining Libraries Access Encryption

Webinars

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Atlassian Confluence bug CVE-2022-26134 exploited in cryptocurrency mining campaign

Security Affairs

SEPTEMBER 22, 2022

Threat actors are targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign. Trend Micro researchers warn of an ongoing crypto mining campaign targeting Atlassian Confluence servers affected by the CVE-2022-26134 vulnerability. The gap is being abused for malicious cryptocurrency mining.”

Mining

Mining File names Ransomware Cloud

Crypto-mining campaign targets Kubeflow installs on a large scale

Security Affairs

JUNE 9, 2021

Microsoft uncovered a malicious campaign targeting Kubeflow workloads to deploy TensorFlow pods that are used to mine cryptocurrency. Microsoft researchers uncovered a malicious campaign targeting Kubeflow workloads to deploy TensorFlow pods that are used to mine for cryptocurrency. GCP, CPU) prior to start the mining activity.

Mining

Mining Access Security Cybersecurity

OAuth apps used in cryptocurrency mining, phishing campaigns, and BEC attacks

Security Affairs

DECEMBER 13, 2023

Microsoft warns that threat actors are using OAuth applications cryptocurrency mining campaigns and phishing attacks. Threat actors are using OAuth applications such as an automation tool in cryptocurrency mining campaigns and other financially motivated attacks. ” states Microsoft.

Mining

Mining Phishing Passwords Access

Prometei, a new modular crypto-mining botnet exploits Windows SMB

Security Affairs

JULY 22, 2020

Prometei is a crypto-mining botnet that recently appeared in the threat landscape, it exploits the Microsoft Windows SMB protocol for lateral movements. Security experts from Cisco Talos discovered a new crypto-mining botnet, tracked as Prometei, that exploits the Microsoft Windows SMB protocol for lateral movements.

Mining

Mining File names Passwords Communications

Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency

Security Affairs

AUGUST 23, 2019

The Ukrainian Secret Service is investigating the case of employees at a nuclear power plant that connected its system online to mine cryp tocurrency. Nuclear power plants are critical infrastructure, such kind of incident could potentially expose high-sensitive information. ” reported ZDnet. Pierluigi Paganini.

Mining

Mining Military Security Access

Cloud-Based Cryptocurrency mining attacks abuse GitHub Actions and Azure VM

Security Affairs

JULY 12, 2022

Researchers investigated cloud-based cryptocurrency mining attacks targeting GitHub Actions and Azure VMs. Researchers from Trend Micro published a report that details cloud-based cryptocurrency mining attacks targeting GitHub Actions and Azure VMs and the threat actors behind them. SecurityAffairs – hacking, cryptocurrency mining).

Mining

Mining Cloud IoT IT

Cryptominer ELFs Using MSR to Boost Mining Process

Security Affairs

AUGUST 5, 2021

The Uptycs Threat Research Team recently observed Golang-based worm dropping cryptominer binaries which use the MSR (Model Specific Register) driver to disable hardware prefetchers and increase the speed of the mining process by 15%. This is done to boost the miner execution performance, thereby increasing the speed of the mining process.

Mining

Mining Access IT Authentication

CrowdStrike discovered the first-ever Dero cryptocurrency mining campaign

Security Affairs

MARCH 15, 2023

CrowdStrike researchers discovered the first-ever cryptocurrency mining campaign aimed at Dero mining since February 2023. The mining efforts by the pods are contributed back to a community pool, which distributes the reward (i.e., Dero coin) equally among its contributors through their digital wallet.”

Mining

Mining Privacy IT Access

Pacha Group declares war to rival crypto mining hacking groups

Security Affairs

MAY 12, 2019

Two hacking groups associated with large-scale crypto mining campaigns, Pacha Group and Rocke Group , wage war to compromise as much as possible cloud-based infrastructure. org is in this blacklist and it is known that Rocke Group has used this domain for their crypto-mining operations. ” continues the report. Pierluigi Paganini.

Mining

Mining Cloud Security IT

Canadian Copper Mountain Mining Corporation (CMMC) shut down the mill after a ransomware attack

Security Affairs

JANUARY 3, 2023

The Canadian Copper Mountain Mining Corporation (CMMC) was hit with a ransomware attack that impacted its operations. The Canadian Copper Mountain Mining Corporation (CMMC) announced to have suffered a ransomware attack late on December 27, 2022, which impacted its operation. . Pierluigi Paganini. SecurityAffairs – hacking, CMMC ).

Mining

Mining Ransomware Data breaches Risk

Experts spotted first-ever crypto mining campaign leveraging Kubernetes RBAC

Security Affairs

APRIL 23, 2023

Experts warn of a large-scale cryptocurrency mining campaign exploiting Kubernetes (K8s) Role-Based Access Control ( RBAC ). Cloud security firm Aqua discovered a large-scale cryptocurrency mining campaign exploiting Kubernetes (K8s) Role-Based Access Control ( RBAC ) to create backdoors and run miners.

Mining

Mining Honeypots Access Cloud

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 14

Security Affairs

OCTOBER 6, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Rhadamanthys Stealer Adds Innovative AI Feature in Version 0.7.0

Honeypots

Honeypots Security Mining Cybersecurity

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

Security Affairs

FEBRUARY 18, 2021

PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. Security researchers at Palo Alto Networks uncovered a cryptojacking botnet, tracked as WatchDog, that is targeting Windows and Linux systems. The WatchDog botnet has been active at least since Jan.

Mining

Mining Cloud Access Security

New MrbMiner malware infected thousands of MSSQL DBs

Security Affairs

SEPTEMBER 16, 2020

A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. Mining process.”

Mining

Mining Passwords Access Security

TeamTNT botnet now steals Docker API and AWS credentials

Security Affairs

JANUARY 10, 2021

The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. The activity of the TeamTNT group has been detailed by security firm Trend Micro, but in August experts from Cado Security discovered that that botnet is also able to target misconfigured Kubernetes installations.

Mining

Mining Metadata Authentication Security

Security Affairs newsletter Round 374 by Pierluigi Paganini

Security Affairs

JULY 16, 2022

A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs for free in your email box. The post Security Affairs newsletter Round 374 by Pierluigi Paganini appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook.

Security

Security Ransomware Mining Phishing

Mastermind behind 1.8 million cryptojacking scheme arrested in Ukraine

Security Affairs

JANUARY 14, 2024

million) worth of cryptocurrencies via mining activities. “The suspect is believed to have mined over USD 2 million (EUR 1.8 ” An unnamed cloud service provider supported the investigation for months. “The suspect is believed to have mined over USD 2 million (EUR 1.8 million) in cryptocurrencies.”

Mining

Mining Cloud Access Authentication

Security Affairs newsletter Round 305

Security Affairs

MARCH 14, 2021

Every week the best security articles from Security Affairs free for you in your email box. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. The post Security Affairs newsletter Round 305 appeared first on Security Affairs. Pierluigi Paganini.

Security

Security Mining Ransomware Access

Threat actors exploit Atlassian Confluence bug in cryptomining campaigns

Security Affairs

AUGUST 30, 2024

Threat actors are actively exploiting a critical flaw in the Atlassian Confluence Data Center and Confluence Server in cryptocurrency mining campaigns. which no longer receives backported fixes in accordance with our Security Bug Fix Policy. The critical vulnerability CVE-2023-22527 (CVSS score 10.0) 5, 2023 as well as 8.4.5

Mining

Mining Cloud Risk Security

Android Debugging Tools Also Useful for Compromising Devices, Mining Cryptocurrency

Security Affairs

JULY 24, 2018

In an ideal world, all of the security controls are applied and all of the debugging tools are removed or disabled before the code is released to the public. ” These are very powerful functions for debugging tools, and also useful for executing malicious code without being trapped by the usual security controls.

Mining

Mining IoT Blockchain Risk

TeamTNT is the first cryptomining bot that steals AWS credentials

Security Affairs

AUGUST 18, 2020

Security researchers have discovered a new crypto-minining botnet, dubbed TeamTNT, that is able to steal AWS credentials from infected servers. Security firm Cado Security reported that the TeamTNT botnet is the first one that is able to scan and steal AWS credentials. ” reads the report published by Cado Security.

Mining

Mining Security Access IT

Security Affairs newsletter Round 326

Security Affairs

AUGUST 8, 2021

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 326 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! If you want to also receive for free the international press subscribe here.

Security

Security Ransomware Mining IoT

Experts found 3 malicious packages hiding crypto miners in PyPi repository

Security Affairs

JANUARY 4, 2024

The code decodes and retrieves a shell script (“unmi.sh”) from a remote server, in turn, it fetches a configuration file for the mining activity along with the CoinMiner file hosted on GitLab. This file outlines the cryptocurrency mining setting. ” reads the analysis published by Fortinet.

Mining

Mining IT Security Information Security

Phishers abuse CrowdStrike brand targeting job seekers with cryptominer

Security Affairs

JANUARY 10, 2025

The executable then downloads a text file containing XMRig configuration details to initiate mining activities. If the environment passes these checks, it displays a fake error message before proceeding. ” concludes the report.

Phishing

Phishing Mining Authentication Communications

Nearly 50,000 IPs compromised in Kubernetes clusters by TeamTNT

Security Affairs

MAY 26, 2021

The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. The activity of the TeamTNT group has been detailed by security firm Trend Micro, but in August experts from Cado Security discovered that that botnet is also able to target misconfigured Kubernetes installations.

Mining

Mining Cloud Security Access

Cryptomining DreamBus botnet targets Linux servers

Security Affairs

JANUARY 25, 2021

. “These techniques include numerous modules that exploit implicit trust, weak passwords, and unauthenticated remote code execution (RCE) vulnerabilities in popular applications, including Secure Shell (SSH), IT administration tools, a variety of cloud-based applications, and databases.” Ransomware, data theft).

Mining

Mining Passwords Communications Ransomware

Large-scale cryptomining campaign is targeting the NPM JavaScript package repository

Security Affairs

JULY 7, 2022

Researchers uncovered a large-scale cryptocurrency mining campaign targeting the NPM JavaScript package repository. Checkmarx researchers spotted a new large-scale cryptocurrency mining campaign, tracked as CuteBoi , that is targeting the NPM JavaScript package repository. ” concludes the experts. Pierluigi Paganini.

Mining

Mining Security IT Information Security

Supply-chain attack on NPM Package UAParser, which has millions of daily downloads

Security Affairs

OCTOBER 23, 2021

CISA warned of crypto-mining malware hidden in a popular JavaScript NPM library, named UAParser.js, which has millions of weekly downloads. Cybersecurity and Infrastructure Security Agency published an advisory to warn of the discovery of a crypto-mining malware in the popular NPM Package UAParser.js. Pierluigi Paganini.

Mining

Mining Libraries Cybersecurity Security

Security Affairs newsletter Round 479 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JULY 7, 2024

Every week the best security articles from Security Affairs are free in your email box. GootLoader is still active and efficient Hackers stole OpenAI secrets in a 2023 security breach Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes Polyfill.io A new round of the weekly SecurityAffairs newsletter arrived!

Data breaches

Data breaches Security Mining Education

Security Affairs newsletter Round 385

Security Affairs

SEPTEMBER 25, 2022

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 385 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Security

Security Mining Data breaches Encryption

Security Affairs newsletter Round 455 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 21, 2024

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Patch it now!

Security

Security e-Discovery Artificial Intelligence Ransomware

Cryptocurrencies and cybercrime: A critical intermingling

Security Affairs

APRIL 26, 2024

Indeed, while anonymity provides privacy and security for transactions, it can also be exploited by criminals for illicit activities, such as money laundering , drug trafficking, illegal arms sales, and terrorist financing. Prevention comes through educating users and taking robust security measures to protect their digital assets.

Education

Education Mining Encryption Cybersecurity

30 Docker images downloaded 20M times in cryptojacking attacks

Security Affairs

MARCH 30, 2021

The expert determined the number of cryptocurrencies that were mined to a mining pool account by inspecting the mining pool. Half of the images discovered by the expert were using a shared mining pool, by he estimated that threat actors mined US$200,000 worth of cryptocurrencies in a two-year period.

Mining

Mining Libraries Cloud Security

Abcbot and Xanthe botnets have the same origin, experts discovered

Security Affairs

JANUARY 10, 2022

Experts linked the C2 infrastructure behind an the Abcbot botnet to a cryptocurrency-mining botnet attack that was uncovered in December 2020. Experts linked the infrastructure used by the Abcbot DDoS botnet to the operations of a cryptocurrency-mining botnet that was uncovered in December 2020. Pierluigi Paganini.

Mining

Mining Honeypots Cloud Security

Security Affairs newsletter Round 401 by Pierluigi Paganini

Security Affairs

JANUARY 8, 2023

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 401 by Pierluigi Paganini appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Security

Security Ransomware Mining Data breaches

MaliBot Android Banking Trojan targets Spain and Italy

Security Affairs

JUNE 18, 2022

MaliBot disguises itself as a cryptocurrency mining app named “Mining X” or “The CryptoApp”, experts also observed the malicious code masqueraded as “MySocialSecurity” and “Chrome” apps. ” Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Mining

Mining Access Phishing Authentication

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 17, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Data breaches Ransomware Artificial Intelligence

Security Affairs newsletter Round 411 by Pierluigi Paganini

Security Affairs

MARCH 19, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! If you want to also receive for free the newsletter with the international press subscribe here.

Security

Security Ransomware Mining Phishing

Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks

Security Affairs

OCTOBER 4, 2023

Software giant Atlassian released emergency security updates to address a critical zero-day vulnerability, tracked as CVE-2023-22515 (CVSS score 10), in its Confluence Data Center and Server software. Atlassian fixed a critical zero-day flaw in its Confluence Data Center and Server software, which has been exploited in the wild.

Mining

Mining Access Authentication Cloud

Norton Crypto, the controversial cryptomining feature of Norton 360

Security Affairs

JANUARY 7, 2022

Many users ignore that Norton 360 comes with a cryptomining feature, dubbed Norton Crypto, that could allow them to earn money mining Ethereum (ETH) cryptocurrency while the customer’s computer is idle. Norton keeps a 15% of the mined cryptocurrency. “ Will Norton 360 mine my device without my permission?

Mining

Mining Energy and Utilities Security IT

Crackonosh Monero miner made $2M after infecting 222,000 Win systems

Security Affairs

JUNE 27, 2021

Researchers have discovered a strain of cryptocurrency-mining malware, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. . Later the experts discovered that Crackonosh was also able to disable antivirus software from other major security vendors to avoid detection, including Windows Defender and Windows Update.

Mining

Mining File names Security IT

Attackers are abusing GitHub infrastructure to mine cryptocurrency

UnityMiner targets unpatched QNAP NAS in cryptocurrency mining campaign

Webinars

Trending Sources

Blue Mockingbird Monero-Mining campaign targets web apps

Webinars

Atlassian Confluence bug CVE-2022-26134 exploited in cryptocurrency mining campaign

Crypto-mining campaign targets Kubeflow installs on a large scale

OAuth apps used in cryptocurrency mining, phishing campaigns, and BEC attacks

Prometei, a new modular crypto-mining botnet exploits Windows SMB

Employees abused systems at Ukrainian nuclear power plant to mine cryptocurrency

Cloud-Based Cryptocurrency mining attacks abuse GitHub Actions and Azure VM

Cryptominer ELFs Using MSR to Boost Mining Process

CrowdStrike discovered the first-ever Dero cryptocurrency mining campaign

Pacha Group declares war to rival crypto mining hacking groups

Canadian Copper Mountain Mining Corporation (CMMC) shut down the mill after a ransomware attack

Experts spotted first-ever crypto mining campaign leveraging Kubernetes RBAC

SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 14

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

New MrbMiner malware infected thousands of MSSQL DBs

TeamTNT botnet now steals Docker API and AWS credentials

Security Affairs newsletter Round 374 by Pierluigi Paganini

Mastermind behind 1.8 million cryptojacking scheme arrested in Ukraine

Security Affairs newsletter Round 305

Threat actors exploit Atlassian Confluence bug in cryptomining campaigns

Android Debugging Tools Also Useful for Compromising Devices, Mining Cryptocurrency

TeamTNT is the first cryptomining bot that steals AWS credentials

Security Affairs newsletter Round 326

Experts found 3 malicious packages hiding crypto miners in PyPi repository

Phishers abuse CrowdStrike brand targeting job seekers with cryptominer

Nearly 50,000 IPs compromised in Kubernetes clusters by TeamTNT

Cryptomining DreamBus botnet targets Linux servers

Large-scale cryptomining campaign is targeting the NPM JavaScript package repository

Supply-chain attack on NPM Package UAParser, which has millions of daily downloads

Security Affairs newsletter Round 479 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 385

Security Affairs newsletter Round 455 by Pierluigi Paganini – INTERNATIONAL EDITION

Cryptocurrencies and cybercrime: A critical intermingling

30 Docker images downloaded 20M times in cryptojacking attacks

Abcbot and Xanthe botnets have the same origin, experts discovered

Security Affairs newsletter Round 401 by Pierluigi Paganini

MaliBot Android Banking Trojan targets Spain and Italy

Security Affairs newsletter Round 450 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 411 by Pierluigi Paganini

Atlassian Confluence zero-day CVE-2023-22515 actively exploited in attacks

Norton Crypto, the controversial cryptomining feature of Norton 360

Crackonosh Monero miner made $2M after infecting 222,000 Win systems

Stay Connected