The popular code repository hosting service GitHub is investigating a crypto-mining campaign abusing its infrastructure. Code repository hosting service GitHub launched an investigation into a series of attacks aimed at abusing its infrastructure to illicitly mine cryptocurrency.
Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. The mining program is composed of unity_install.sh and Quick.tar.gz. The malware was designed to abuse NAS resources and mine cryptocurrency. ” reads the analysis published by 360 Netlab.
Crooks exploit CVE-2019-18935 deserialization vulnerability to achieve remote code execution in Blue Mockingbird Monero-Mining campaign. “Blue Mockingbird is the name we’ve given to a cluster of similar activity we’ve observed involving Monero cryptocurrency-mining payloads in dynamic-link library (DLL) form on Windows systems.”
Threat actors are targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign. Trend Micro researchers warn of an ongoing crypto mining campaign targeting Atlassian Confluence servers affected by the CVE-2022-26134 vulnerability. The gap is being abused for malicious cryptocurrency mining.”
Prometei is a crypto-mining botnet that recently appeared in the threat landscape; it exploits the Microsoft Windows SMB protocol for lateral movement. Security experts from Cisco Talos discovered a new crypto-mining botnet, tracked as Prometei, that exploits the Microsoft Windows SMB protocol for lateral movement.
Researchers Say Users Paid Fees for Fake Mining Services. Google has removed eight fake crypto-mining apps from its Play Store, but security researchers have flagged 120 similar apps still available on the store, according to Trend Micro. Users paid for services the eight apps never delivered.
Microsoft warns that threat actors are using OAuth applications in cryptocurrency mining campaigns and phishing attacks. Threat actors are using OAuth applications such as an automation tool in cryptocurrency mining campaigns and other financially motivated attacks. ” states Microsoft.
Researchers investigated cloud-based cryptocurrency mining attacks targeting GitHub Actions and Azure VMs. Researchers from Trend Micro published a report that details cloud-based cryptocurrency mining attacks targeting GitHub Actions and Azure VMs and the threat actors behind them. ” states the report published by Trend Micro.
News Comes on Heels of Treasury Forcing Chinese Investors to Divest BianLian Shares. Australian mining giant Northern Minerals says cybercriminals stole sensitive corporate secrets from its systems not long after the government forced several Chinese investors to divest their shares in the company.
The Ukrainian Secret Service is investigating the case of employees at a nuclear power plant that connected its system online to mine cryptocurrency. On July 10, agents of the SBU raided the nuclear power plant and discovered the equipment used by the employees to mine cryptocurrency. ” reported ZDnet. Pierluigi Paganini.
The Uptycs Threat Research Team recently observed a Golang-based worm dropping cryptominer binaries which use the MSR (Model Specific Register) driver to disable hardware prefetchers and increase the speed of the mining process by 15%. This is done to boost the miner execution performance, thereby increasing the speed of the mining process.
CrowdStrike researchers discovered the first-ever cryptocurrency mining campaign aimed at Dero mining since February 2023. The mining efforts by the pods are contributed back to a community pool, which distributes the reward (i.e., Dero coin) equally among its contributors through their digital wallet.”
The Canadian Copper Mountain Mining Corporation (CMMC) was hit with a ransomware attack that impacted its operations. The Canadian Copper Mountain Mining Corporation (CMMC) announced that it suffered a ransomware attack late on December 27, 2022, which impacted its operations. It is still unclear if there was a data breach.
The Israeli surveillance firm NSO Group informed its clients that it is able to scoop user data by mining from major social media. The Financial Times reported that the Israeli surveillance firm NSO Group informed its clients that it is able to mine user data from major social media. Pierluigi Paganini.
Cryptojacking malware allows threat actors to secretly mine for cryptocurrency abusing computational resources of the infected devices. The post Microsoft Defender uses Intel TDT technology against crypto-mining malware appeared first on Security Affairs. ” reads the announcement published by Microsoft. Pierluigi Paganini.
Experts warn of a large-scale cryptocurrency mining campaign exploiting Kubernetes (K8s) Role-Based Access Control (RBAC). Cloud security firm Aqua discovered a large-scale cryptocurrency mining campaign exploiting Kubernetes (K8s) Role-Based Access Control (RBAC) to create backdoors and run miners. ” concludes the report.
The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. Experts pointed out that even if the group is expanding its arsenal adding new capabilities, it still focuses on cryptocurrency mining. ” reads the analysis published by AT&T. Pierluigi Paganini.
The executable then downloads a text file containing XMRig configuration details to initiate mining activities. ” reads the report published by CrowdStrike. ” concludes the report.
Palo Alto Networks warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. The WatchDog botnet has been active at least since Jan. 27, 2019 and already mined at least 209 Monero (XMR), valued to be around $32,056 USD. Drupal Versions 7 and 8. x before 1.4.3)
A few days ago EVRAZ, one of the world’s largest multinational vertically integrated steel making and mining companies, was hit by the Ryuk ransomware. The City of Durham, North Carolina, was the latest victim of the infamous Ryuk ransomware that infected its systems. 911 calls, though, are being answered.”
Many readers were surprised to learn recently that the popular Norton 360 antivirus suite now ships with a program which lets customers make money mining virtual currency. For example, it doesn’t specify how much NortonLifeLock gets out of the deal (NortonLifeLock keeps 15 percent of any cryptocurrency mined by Norton Crypto).
The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. The TeamTNT cybercrime group has improved its Linux cryptocurrency miner by implementing open-source detection evasion capabilities. Set persistence through systemd. Drop and activate the new tool as service.
Norton 360, one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers. According to the FAQ posted on its site, “Norton Crypto” will mine Ethereum (ETH) cryptocurrency while the customer’s computer is idle.
The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. The malware deploys the XMRig mining tool to mine Monero cryptocurrency. Researchers from Trend Micro discovered that the TeamTNT botnet was improved and is now also able to steal Docker credentials.
The code decodes and retrieves a shell script (“unmi.sh”) from a remote server; in turn, it fetches a configuration file for the mining activity along with the CoinMiner file hosted on GitLab. This file outlines the cryptocurrency mining setting. The first stage of the malware resides in the processor.py
Kinsing actors often exploited the PHPUnit vulnerability (CVE-2017-9841) and engaged in fully automated attacks as part of mining cryptocurrency. US CISA adds Looney Tunables Linux flaw to its Known Exploited Vulnerabilities catalog. while processing the GLIBC_TUNABLES environment variable. “We and 23.04, and Debian 12 and 13.”
The malware uses the victim’s resources to mine cryptocurrency, steals cryptocurrency wallet-related files, and replaces wallet addresses in the clipboard to hijack cryptocurrency payments. Both of these programs are set up to connect to an operator-controlled mining server over the Tor proxy.” ” reads the report.
A threat actor is launching brute-force attacks on MSSQL servers in an attempt to access them and install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. Mining process.”
When police infiltrated the EncroChat phone system in 2020, they hit an intelligence gold mine. But subsequent legal challenges have spread across Europe.
The VictoryGate bot propagates via infected USB devices. It was designed to mine Monero by abusing the resources of compromised devices, and it is also able to deliver additional payloads. The malware uses a stratum/XMRig proxy to hide the mining pool and terminates the mining process when the user opens Task Manager, to avoid showing the CPU usage.
“The suspect is believed to have mined over USD 2 million (EUR 1.8 million) in cryptocurrencies.” An unnamed cloud service provider supported the investigation for months.
“These particular applications are targeted because they often run on systems that have powerful underlying hardware with significant amounts of memory and powerful CPUs—all of which allow threat actors to maximize their ability to monetize these resources through mining cryptocurrency.” Ransomware, data theft).
Threat actors are actively exploiting a critical flaw in the Atlassian Confluence Data Center and Confluence Server in cryptocurrency mining campaigns. A second threat actor used a shell script to execute cryptocurrency mining activities across all accessible endpoints in the customer environment using Secure Shell (SSH).
The TeamTNT botnet is a crypto-mining malware operation that has been active since April and that targets Docker installs. “Over the weekend we’ve seen a crypto-mining worm spread that steals AWS credentials. Review network traffic for any connections to mining pools, or using the Stratum mining protocol.
Researchers: Malware Leverages Vulnerabilities to Mine Cryptocurrency. The Muhstik botnet, which has been operating for at least two years, has recently started targeting vulnerabilities in the Oracle WebLogic application server and the Drupal content management system as a way to expand its cryptocurrency mining capabilities, according to security (..)
Security experts from Akamai have spotted a new botnet, used for illicit cryptocurrency mining activities, that is abusing Bitcoin (BTC) transactions to implement a backup mechanism for C2. “The operators of a long-running crypto-mining botnet campaign began creatively disguising their backup C2 IP address on the Bitcoin blockchain.”
The ongoing Ngrok mining botnet campaign is targeting servers hosted on popular cloud platforms, including Alibaba Cloud, Azure, and AWS. “Ngrok Mining Botnet is an active campaign targeting exposed Docker servers in AWS, Azure, and other cloud platforms. It has been active for at least two years.”
The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. The malware deploys the XMRig mining tool to mine Monero cryptocurrency. Executes the script to start mining for the Monero cryptocurrency. aws/credentials and ~/.aws/config
Researchers uncovered a large-scale cryptocurrency mining campaign targeting the NPM JavaScript package repository. Checkmarx researchers spotted a new large-scale cryptocurrency mining campaign, tracked as CuteBoi, that is targeting the NPM JavaScript package repository. CuteBoi relies on a disposable email service called mail.tm
Researchers Say It Hijacks Powerful Computer Systems to Mine Monero. Zscaler's ThreatLabz research team is tracking a new botnet dubbed DreamBus that's installing the XMRig cryptominer on powerful, enterprise-class Linux and Unix systems with the goal of using their computing power to mine monero.
The botnet was involved in stealing users’ credentials and data, mining cryptocurrencies by abusing victims’ resources, and setting up proxies to funnel other people’s internet traffic through infected machines and routers. Botnet operators spread the malware via cracked or pirated software and pay-per-install (PPI) schemes.
The expert determined the number of cryptocurrencies that were mined to a mining pool account by inspecting the mining pool. Half of the images discovered by the expert were using a shared mining pool, and he estimated that threat actors mined US$200,000 worth of cryptocurrencies in a two-year period.