Mining - Information Management Today

Attackers are abusing GitHub infrastructure to mine cryptocurrency

Security Affairs

APRIL 3, 2021

The popular code repository hosting service GitHub is investigating a crypto-mining campaign abusing its infrastructure. Code repository hosting service GitHub launched an investigation in a series of attacks aimed at abusing its infrastructure to illicitly mine cryptocurrency. SecurityAffairs – hacking, mining).

Mining

Mining Security IT Information Security

UnityMiner targets unpatched QNAP NAS in cryptocurrency mining campaign

Security Affairs

MARCH 8, 2021

Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. The mining program is composed of unity_install.sh The malware was designed to abuse NAS resources and mine cryptocurrency. ” reads the analysis published by 360 Netlab. and Quick.tar.gz.

Mining

Mining Ransomware Security IT

Blue Mockingbird Monero-Mining campaign targets web apps

Security Affairs

MAY 10, 2020

Crooks exploit CVE-2019-18935 deserialization vulnerability to achieve remote code execution in Blue Mockingbird Monero-Mining campaign. “Blue Mockingbird is the name we’ve given to a cluster of similar activity we’ve observed involving Monero cryptocurrency-mining payloads in dynamic-link library (DLL) form on Windows systems.”

Mining

Mining Libraries Access Encryption

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Atlassian Confluence bug CVE-2022-26134 exploited in cryptocurrency mining campaign

Security Affairs

SEPTEMBER 22, 2022

Threat actors are targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign. Trend Micro researchers warn of an ongoing crypto mining campaign targeting Atlassian Confluence servers affected by the CVE-2022-26134 vulnerability. The gap is being abused for malicious cryptocurrency mining.”

Mining

Mining File names Ransomware Cloud

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

Think your customers will pay more for data visualizations in your application? Five years ago they may have. But today, dashboards and visualizations have become table stakes. Discover which features will differentiate your application and maximize the ROI of your embedded analytics. Brought to you by Logi Analytics.

Analytics

Is Cryptocurrency-Mining Malware Due for a Comeback?

Data Breach Today

JULY 16, 2021

But if the viability of ransomware as a criminal business model should decline, expect those attackers to quickly embrace something else, such as illicitly mining for cryptocurrency. The world is now focused on ransomware, perhaps more so than any previous cybersecurity threat in history.

Mining

Mining Ransomware Cybersecurity

Google Removes Fake Crypto-Mining Apps

Data Breach Today

AUGUST 24, 2021

Researchers Say Users Paid Fees for Fake Mining Services Google has removed eight fake crypto-mining apps from its Play Store, but security researchers have flagged 120 similar apps still available on the store, according to Trend Micro. Users paid for services the eight apps never delivered.

Mining

Mining Security IT

OAuth apps used in cryptocurrency mining, phishing campaigns, and BEC attacks

Security Affairs

DECEMBER 13, 2023

Microsoft warns that threat actors are using OAuth applications cryptocurrency mining campaigns and phishing attacks. Threat actors are using OAuth applications such as an automation tool in cryptocurrency mining campaigns and other financially motivated attacks. ” states Microsoft.

Mining

Mining Phishing Passwords Access

Crypto-mining campaign targets Kubeflow installs on a large scale

Security Affairs

JUNE 9, 2021

Microsoft uncovered a malicious campaign targeting Kubeflow workloads to deploy TensorFlow pods that are used to mine cryptocurrency. Microsoft researchers uncovered a malicious campaign targeting Kubeflow workloads to deploy TensorFlow pods that are used to mine for cryptocurrency. GCP, CPU) prior to start the mining activity.

Mining

Mining Access Security Cybersecurity

Prometei, a new modular crypto-mining botnet exploits Windows SMB

Security Affairs

JULY 22, 2020

Prometei is a crypto-mining botnet that recently appeared in the threat landscape, it exploits the Microsoft Windows SMB protocol for lateral movements. Security experts from Cisco Talos discovered a new crypto-mining botnet, tracked as Prometei, that exploits the Microsoft Windows SMB protocol for lateral movements.

Mining

Mining File names Passwords Communications

Hackers Used Malicious Docker Images to Mine Monero

Data Breach Today

JUNE 26, 2020

Researchers Found Images on Docker Hub That Contained Cryptominers A recently uncovered cryptomining scheme used malicious Docker images to hide cryptocurrency mining code, according to an analysis from Palo Alto Networks' Unit 42.

Mining

Malicious Docker Images Used to Mine Monero

Data Breach Today

AUGUST 13, 2021

Images on Docker Hub Contained Cryptominers A recently uncovered cryptomining scheme used malicious Docker images to hijack organizations’ computing resources to mine cryptocurrency, according to the cybersecurity firm Aqua Security.

Mining

Mining Cybersecurity Security

Cloud-Based Cryptocurrency mining attacks abuse GitHub Actions and Azure VM

Security Affairs

JULY 12, 2022

Researchers investigated cloud-based cryptocurrency mining attacks targeting GitHub Actions and Azure VMs. Researchers from Trend Micro published a report that details cloud-based cryptocurrency mining attacks targeting GitHub Actions and Azure VMs and the threat actors behind them. SecurityAffairs – hacking, cryptocurrency mining).

Mining

Mining Cloud IoT IT

Monero Mining Botnet Targets PostgreSQL Database Servers

Data Breach Today

DECEMBER 14, 2020

Researchers: 'PGMiner' Malware Uses Brute-Force Methods to Guess Passwords Researchers with Palo Alto Networks' Unit 42 are tracking a relatively new cryptomining botnet called "PGMiner," which is targeting PostgreSQL database servers to illegally mine for monero. Currently, the malware only targets Linux-based database servers.

Mining

Mining Passwords

Australian Mining Giant Confirms BianLian Ransomware Attack

Data Breach Today

JUNE 5, 2024

News Comes on Heels of Treasury Forcing Chinese Investors to Divest BianLian Shares Australian mining giant Northern Minerals says cybercriminals stole sensitive corporate secrets from its systems not long after the government forced several Chinese investors to divest their shares in the company.

Mining

Mining Ransomware Government IT

Cryptominer ELFs Using MSR to Boost Mining Process

Security Affairs

AUGUST 5, 2021

The Uptycs Threat Research Team recently observed Golang-based worm dropping cryptominer binaries which use the MSR (Model Specific Register) driver to disable hardware prefetchers and increase the speed of the mining process by 15%. This is done to boost the miner execution performance, thereby increasing the speed of the mining process.

Mining

Mining Access IT Authentication

CrowdStrike discovered the first-ever Dero cryptocurrency mining campaign

Security Affairs

MARCH 15, 2023

CrowdStrike researchers discovered the first-ever cryptocurrency mining campaign aimed at Dero mining since February 2023. The mining efforts by the pods are contributed back to a community pool, which distributes the reward (i.e., Dero coin) equally among its contributors through their digital wallet.”

Mining

Mining Privacy IT Access

Canadian Copper Mountain Mining Corporation (CMMC) shut down the mill after a ransomware attack

Security Affairs

JANUARY 3, 2023

The Canadian Copper Mountain Mining Corporation (CMMC) was hit with a ransomware attack that impacted its operations. The Canadian Copper Mountain Mining Corporation (CMMC) announced to have suffered a ransomware attack late on December 27, 2022, which impacted its operation. . ” concludes the statement. Pierluigi Paganini.

Mining

Mining Ransomware Data breaches Risk

Microsoft Defender uses Intel TDT technology against crypto-mining malware

Security Affairs

APRIL 27, 2021

Cryptojacking malware allows threat actors to secretly mine for cryptocurrency abusing computational resources of the infected devices. The post Microsoft Defender uses Intel TDT technology against crypto-mining malware appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Mining

Mining Manufacturing Security IT

Experts spotted first-ever crypto mining campaign leveraging Kubernetes RBAC

Security Affairs

APRIL 23, 2023

Experts warn of a large-scale cryptocurrency mining campaign exploiting Kubernetes (K8s) Role-Based Access Control ( RBAC ). Cloud security firm Aqua discovered a large-scale cryptocurrency mining campaign exploiting Kubernetes (K8s) Role-Based Access Control ( RBAC ) to create backdoors and run miners.

Mining

Mining Honeypots Access Cloud

Researchers Discover New Malware Aimed at Mining Sector

Data Breach Today

JULY 10, 2024

Remote Access Trojan 'Poco RAT' Targets Mining, Manufacturing Sectors, Says Report A new report published by Cofense Intelligence identifies a malware called "Poco RAT" that is actively targeting mining and manufacturing sectors across Latin America through a simple remote access Trojan that could be capable of delivering additional malware for ransomware (..)

Mining

Mining Manufacturing Ransomware Access

PC running slow? This tiny storage drive gave mine an instant speed boost

Collaboration 2.0

JANUARY 15, 2025

Instead of buying an all-new processor, this thumb-sized 1TB storage drive gave my old PC a much-needed speed boost.

Mining

500M Avira Antivirus Users Introduced to Cryptomining

Krebs on Security

JANUARY 8, 2022

Many readers were surprised to learn recently that the popular Norton 360 antivirus suite now ships with a program which lets customers make money mining virtual currency. For example, it doesn’t specify how much NortonLifeLock gets out of the deal (NortonLifeLock keeps 15 percent of any cryptocurrency mined by Norton Crypto).

Mining

Mining Privacy IT Security

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

Security Affairs

FEBRUARY 18, 2021

PaloAlto Network warns of the WatchDog botnet that uses exploits to take over Windows and Linux servers and mine cryptocurrency. 27, 2019 and already mined at least 209 Monero (XMR), valued to be around $32,056 USD. The WatchDog botnet has been active at least since Jan.

Mining

Mining Cloud Access Security

New MrbMiner malware infected thousands of MSSQL DBs

Security Affairs

SEPTEMBER 16, 2020

A threat actor is launching brute-force attacks on MSSQL servers in the attempt to access them to install a new crypto-mining malware dubbed MrbMiner. A group of hackers is launching brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. Mining process.”

Mining

Mining Passwords Access Security

Norton 360 Now Comes With a Cryptominer

Krebs on Security

JANUARY 6, 2022

Norton 360 , one of the most popular antivirus products on the market today, has installed a cryptocurrency mining program on its customers’ computers. According to the FAQ posted on its site , “ Norton Crypto ” will mine Ethereum (ETH) cryptocurrency while the customer’s computer is idle. ” reads a Dec.

Mining

Mining Computer and Electronics Blockchain Marketing

TeamTNT botnet now steals Docker API and AWS credentials

Security Affairs

JANUARY 10, 2021

The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. The malware deploys the XMRig mining tool to mine Monero cryptocurrency. Researchers from Trend Micro discovered that the TeamTNT botnet was improved and is now able to steal also Docker credentials.

Mining

Mining Metadata Authentication Security

New KryptoCibule Windows Trojan spreads via malicious torrents

Security Affairs

SEPTEMBER 2, 2020

The malware uses the victim’s resource to mine cryptocurrency, steals cryptocurrency wallet-related files, and replaces wallet addresses in the clipboard to hijack cryptocurrency payments. Both of these programs are set up to connect to an operator-controlled mining server over the Tor proxy.” ” reads the report.

Mining

Mining Communications IT Security

Phishers abuse CrowdStrike brand targeting job seekers with cryptominer

Security Affairs

JANUARY 10, 2025

The executable then downloads a text file containing XMRig configuration details to initiate mining activities. If the environment passes these checks, it displays a fake error message before proceeding. ” concludes the report.

Phishing

Phishing Mining Authentication Communications

Experts found 3 malicious packages hiding crypto miners in PyPi repository

Security Affairs

JANUARY 4, 2024

The code decodes and retrieves a shell script (“unmi.sh”) from a remote server, in turn, it fetches a configuration file for the mining activity along with the CoinMiner file hosted on GitLab. This file outlines the cryptocurrency mining setting. ” reads the analysis published by Fortinet.

Mining

Mining IT Security Information Security

Malware Targets Kubernetes Clusters

Data Breach Today

FEBRUARY 4, 2021

The malicious code is likely the work of the TeamTNT hacking group, which mines for monero cryptocurrency. Researchers: 'Hildegard' Linked to TeamTNT Hacking Group A previously undocumented malware variant called "Hildegard" is targeting Kubernetes clusters, according to Palo Alto Networks' Unit 42.

Mining

Mastermind behind 1.8 million cryptojacking scheme arrested in Ukraine

Security Affairs

JANUARY 14, 2024

million) worth of cryptocurrencies via mining activities. “The suspect is believed to have mined over USD 2 million (EUR 1.8 ” An unnamed cloud service provider supported the investigation for months. “The suspect is believed to have mined over USD 2 million (EUR 1.8 million) in cryptocurrencies.”

Mining

Mining Cloud Access Authentication

Muhstik Botnet Targets Flaws in Oracle WebLogic, Drupal

Data Breach Today

NOVEMBER 12, 2020

Researchers: Malware Leverages Vulnerabilities to Mine Cryptocurrency The Muhstik botnet, which has been operating for at least two years, has recently started targeting vulnerabilities in the Oracle WebLogic application server and the Drupal content management system as a way to expand its cryptocurrency mining capabilities, according to security (..)

Mining

Mining Security IT

TeamTNT is the first cryptomining bot that steals AWS credentials

Security Affairs

AUGUST 18, 2020

The TeamTNT botnet is a crypto-mining malware operation that has been active since April and that targets Docker installs. “Over the weekend we’ve seen a crypto-mining worm spread that steals AWS credentials. Review network traffic for any connections to mining pools, or using the Stratum mining protocol.

Mining

Mining Security Access IT

A Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanism

Security Affairs

FEBRUARY 24, 2021

Security experts from Akamai have spotted a new botnet used for illicit cryptocurrency mining activities that are abusing Bitcoin (BTC) transactions to implement a backup mechanism for C2. The operators of a long-running crypto-mining botnet campaign began creatively disguising their backup C2 IP address on the Bitcoin blockchain.”

Blockchain

Blockchain Mining Honeypots Security

DreamBus Botnet Targets Linux Systems

Data Breach Today

JANUARY 22, 2021

Researchers Say It Hijacks Powerful Computer Systems to Mine Monero Zscaler's ThreatLabz research team is tracking a new botnet dubbed DreamBus that's installing the XMRig cryptominer on powerful, enterprise-class Linux and Unix systems with the goal of using their computing power to mine monero.

Mining

Mining IT

Researchers Find Mozi Botnet Continues to Grow

Data Breach Today

SEPTEMBER 18, 2020

The malware is being used to launch DDoS attacks as well as mine for cryptocurrency. IBM: P2P Botnet Now Accounts for 90% of IoT Network Traffic Mozi, a relatively new peer-to-peer botnet, is now dominating global IoT network traffic, according to a new report from IBM's X-Force unit.

IoT

IoT Mining

Previously undetected VictoryGate Botnet already infected 35,000 devices

Security Affairs

APRIL 27, 2020

The VictoryGate bot propagates via infected USB devices, it was designed to mine Monero abusing resourced of compromised devices, it is also able to deliver additional payloads. The malware uses a stratum/XMRig proxy to hide the mining pool and terminates the mining process when the user opens Task Manager, to avoid to show the CPU usage.

Mining

Mining Communications IT Security

Threat actors exploit Atlassian Confluence bug in cryptomining campaigns

Security Affairs

AUGUST 30, 2024

Threat actors are actively exploiting a critical flaw in the Atlassian Confluence Data Center and Confluence Server in cryptocurrency mining campaigns. A second threat actor used a shell script to execute cryptocurrency mining activities across all accessible endpoints in the customer environment using Secure Shell (SSH).

Mining

Mining Cloud Risk Security

30 Docker images downloaded 20M times in cryptojacking attacks

Security Affairs

MARCH 30, 2021

The expert determined the number of cryptocurrencies that were mined to a mining pool account by inspecting the mining pool. Half of the images discovered by the expert were using a shared mining pool, by he estimated that threat actors mined US$200,000 worth of cryptocurrencies in a two-year period.

Mining

Mining Libraries Cloud Security

Large-scale cryptomining campaign is targeting the NPM JavaScript package repository

Security Affairs

JULY 7, 2022

Researchers uncovered a large-scale cryptocurrency mining campaign targeting the NPM JavaScript package repository. Checkmarx researchers spotted a new large-scale cryptocurrency mining campaign, tracked as CuteBoi , that is targeting the NPM JavaScript package repository.

Mining

Mining Security IT Information Security

Nearly 50,000 IPs compromised in Kubernetes clusters by TeamTNT

Security Affairs

MAY 26, 2021

The TeamTNT botnet is a crypto-mining malware operation that has been active since April 2020 and that targets Docker installs. The malware deploys the XMRig mining tool to mine Monero cryptocurrency. Executes the script to start mining for the Monero cryptocurrency. aws/credentials and ~/.aws/config Pierluigi Paganini.

Mining

Mining Cloud Security IT

Supply-chain attack on NPM Package UAParser, which has millions of daily downloads

Security Affairs

OCTOBER 23, 2021

CISA warned of crypto-mining malware hidden in a popular JavaScript NPM library, named UAParser.js, which has millions of weekly downloads. Cybersecurity and Infrastructure Security Agency published an advisory to warn of the discovery of a crypto-mining malware in the popular NPM Package UAParser.js.

Mining

Mining Libraries Cybersecurity Security

Supercomputer Intrusions Trace to Cryptocurrency Miners

Data Breach Today

MAY 18, 2020

Likely Connected: Attacks Against Systems in US, UK, China, Germany and Beyond Cryptocurrency-mining hackers appear to be behind a recent spate of supercomputer and high-performance computing system intrusions. But it's unclear if attackers might also have had data-stealing or espionage intentions.

Mining

Mining IT

Attackers are abusing GitHub infrastructure to mine cryptocurrency

UnityMiner targets unpatched QNAP NAS in cryptocurrency mining campaign

Webinars

Trending Sources

Blue Mockingbird Monero-Mining campaign targets web apps

Webinars

Atlassian Confluence bug CVE-2022-26134 exploited in cryptocurrency mining campaign

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

Is Cryptocurrency-Mining Malware Due for a Comeback?

Google Removes Fake Crypto-Mining Apps

OAuth apps used in cryptocurrency mining, phishing campaigns, and BEC attacks

Crypto-mining campaign targets Kubeflow installs on a large scale

Prometei, a new modular crypto-mining botnet exploits Windows SMB

Hackers Used Malicious Docker Images to Mine Monero

Malicious Docker Images Used to Mine Monero

Cloud-Based Cryptocurrency mining attacks abuse GitHub Actions and Azure VM

Monero Mining Botnet Targets PostgreSQL Database Servers

Australian Mining Giant Confirms BianLian Ransomware Attack

Cryptominer ELFs Using MSR to Boost Mining Process

CrowdStrike discovered the first-ever Dero cryptocurrency mining campaign

Canadian Copper Mountain Mining Corporation (CMMC) shut down the mill after a ransomware attack

Microsoft Defender uses Intel TDT technology against crypto-mining malware

Experts spotted first-ever crypto mining campaign leveraging Kubernetes RBAC

Researchers Discover New Malware Aimed at Mining Sector

PC running slow? This tiny storage drive gave mine an instant speed boost

500M Avira Antivirus Users Introduced to Cryptomining

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

New MrbMiner malware infected thousands of MSSQL DBs

Norton 360 Now Comes With a Cryptominer

TeamTNT botnet now steals Docker API and AWS credentials

New KryptoCibule Windows Trojan spreads via malicious torrents

Phishers abuse CrowdStrike brand targeting job seekers with cryptominer

Experts found 3 malicious packages hiding crypto miners in PyPi repository

Malware Targets Kubernetes Clusters

Mastermind behind 1.8 million cryptojacking scheme arrested in Ukraine

Muhstik Botnet Targets Flaws in Oracle WebLogic, Drupal

TeamTNT is the first cryptomining bot that steals AWS credentials

A Cryptomining botnet abuses Bitcoin blockchain transactions as C2 backup mechanism

DreamBus Botnet Targets Linux Systems

Researchers Find Mozi Botnet Continues to Grow

Previously undetected VictoryGate Botnet already infected 35,000 devices

Threat actors exploit Atlassian Confluence bug in cryptomining campaigns

30 Docker images downloaded 20M times in cryptojacking attacks

Large-scale cryptomining campaign is targeting the NPM JavaScript package repository

Nearly 50,000 IPs compromised in Kubernetes clusters by TeamTNT

Supply-chain attack on NPM Package UAParser, which has millions of daily downloads

Supercomputer Intrusions Trace to Cryptocurrency Miners

Stay Connected