Security News

New Cryptojacking Attack Targets Docker API to Create Malicious Swarm Botnet
2024-10-01 05:12

Cybersecurity researchers have uncovered a new cryptojacking campaign targeting the Docker Engine API with the goal of co-opting the instances to join a malicious Docker Swarm controlled by the...

New TeamTNT Cryptojacking Campaign Targets CentOS Servers with Rootkit
2024-09-19 13:27

The cryptojacking operation known as TeamTNT has likely resurfaced as part of a new campaign targeting Virtual Private Server (VPS) infrastructures based on the CentOS operating system. "The...

Cryptojacking Campaign Targets Misconfigured Kubernetes Clusters
2024-06-12 13:42

Cybersecurity researchers have warned of an ongoing cryptojacking campaign targeting misconfigured Kubernetes clusters to mine Dero cryptocurrency. Cloud security firm Wiz, which shed light on the...

Commando Cat Cryptojacking Attacks Target Misconfigured Docker Instances
2024-06-07 05:10

The threat actor known as Commando Cat has been linked to an ongoing cryptojacking attack campaign that leverages poorly secured Docker instances to deploy cryptocurrency miners for financial...

GHOSTENGINE Exploits Vulnerable Drivers to Disable EDRs in Cryptojacking Attack
2024-05-22 08:57

Cybersecurity researchers have discovered a new cryptojacking campaign that employs vulnerable drivers to disable known security solutions (EDRs) and thwart detection in what's called a Bring...

Kinsing Hacker Group Exploits More Flaws to Expand Botnet for Cryptojacking
2024-05-17 17:20

The cryptojacking group known as Kinsing has demonstrated its ability to continuously evolve and adapt, proving to be a persistent threat by swiftly integrating newly disclosed vulnerabilities to...

Hive RAT Creators and $3.5M Cryptojacking Mastermind Arrested in Global Crackdown
2024-04-16 07:33

Two individuals have been arrested in Australia and the U.S. in connection with an alleged scheme to develop and distribute a remote access trojan called Hive RAT (previously Firebird). The U.S....

Cryptojacking is no longer the sole focus of cloud attackers
2024-02-29 04:30

As commercial adoption of cloud technologies continues, cloud-focused malware campaigns have increased in sophistication and number - a collective effort to safeguard both large and small enterprises is critical, according to Cado Security. Although cloud-focused attackers aim to exploit various services typically deployed in cloud environments, Docker remains the most frequently targeted for initial access, with 90.65% of honeypot traffic when discounting SSH. Identified malware campaigns, such as P2Pinfect, had a wide geographical distribution with nodes belonging to providers in China, the US, and Germany, which shows that regardless of where your infrastructure is located, it is still susceptible to Linux and cloud-focused attacks.

DirtyMoe Malware Infects 2,000+ Ukrainian Computers for DDoS and Cryptojacking
2024-02-02 13:17

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned that more than 2,000 computers in the country have been infected by a strain of malware called DirtyMoe. The...

Exposed Docker APIs Under Attack in 'Commando Cat' Cryptojacking Campaign
2024-02-01 13:36

Exposed Docker API endpoints over the internet are under assault from a sophisticated cryptojacking campaign called Commando Cat. "The campaign deploys a benign container generated using...