Security News > 2020 > June > Cryptomining criminals under the spotlight – a SophosLabs report
Sadly unlawful cryptomining is still a thing, and SophosLabs has just published a report that follows the evolution and operation of the cybercrime gang behind a botnet known as Kingminer.
Servers have two desirable properties for cryptomining abuse, namely that they're always on, so any unauthorised mining runs 24/7, and they're usually much more powerful than the average laptop, so the crooks can dial in decent earnings without taking over the server so completely that they get noticed.
The new Kingminer report makes fascinating reading because it delves into the malware delivery system that the crooks in this gang have been evolving and using for several years now.
These crooks seems to favour brute-force password attacks against RDP and SQL servers, combined with unpatched exploits such as BlueKeep and ETERNALBLUE. Learn how the crooks guard their turf.
Learn how the crooks launch their chosen cryptomining code.