TrapX Security launched TrapX DeceptionGrid 7.2 featuring a new capability to protect containerized environments such as Kubernetes. TrapX DeceptionGrid secures container environments across on-premises and cloud infrastructures, independent of attack vectors.
A threat group likely based in Romania and active since at least 2020 has been behind an active cryptojacking campaign targeting Linux-based machines with a previously undocumented SSH brute-forcer written in Golang. Dubbed "Diicot brute," the password cracking tool is alleged to be distributed via a software-as-a-service model, with each threat actor furnishing their own unique API keys to facilitate the intrusions, Bitdefender researchers said in a report published last week.
A cryptojacking gang that's likely based in Romania is using a never-before-seen SSH brute-forcer dubbed "Diicot brute" to crack passwords on Linux-based machines with weak passwords. Bitdefender's honeypot data shows that attacks matching the brute-force tool's signature started in January.
A new Monero cryptojacking malware distributed via "Cracked" versions of popular online games is wiping out antivirus programs and surreptitiously mining cryptocurrency in more than a dozen countries, researchers have found. Dubbed "Crackonosh," the malware - which has been active since June 2018 - lurks in pirated versions of Grand Theft Auto V, NBA 2K19 and Pro Evolution Soccer 2018 that gamers can download free in forums, according to a report posted online Thursday by researchers at Avast.
The Lemon Duck cryptocurrency-mining botnet has added the ProxyLogon group of exploits to its bag of tricks, targeting Microsoft Exchange servers. That's according to researchers at Cisco Talos, who said that the cybercrime group behind Lemon Duck has also added the Cobalt Strike attack framework into its malware toolkit and has beefed up anti-detection capabilities.
Microsoft Defender for Endpoint expands its use of Intel Threat Detection Technology beyond accelerated memory scanning capabilities to activate central processing unit based cryptomining machine learning detection. "Customers who choose Intel vPro with the exclusive Intel Hardware Shield now gain full-stack visibility to detect threats out of the box with no need for IT configuration."
Microsoft today announced that Microsoft Defender for Endpoint, the enterprise version of its Windows 10 Defender antivirus, now comes with support for blocking cryptojacking malware using Intel's silicon-based Threat Detection Technology. Intel TDT is part of the Hardware Shield's suite of capabilities available on Intel vPro and Intel Core platforms, providing endpoint detection and response capabilities for advanced memory scanning, cryptojacking, and ransomware detection via CPU-based heuristics.
Cryptocurrency-mining malware, called WatchDog, has been running under the radar for more than two years - in what researchers call one of the largest and longest-lasting Monero cryptojacking attacks to date. Thus far, attackers have hijacked at least 476 Windows and Linux devices, in order to abuse their system resources for mining Monero cryptocurrency.
A financially-motivated threat actor notorious for its cryptojacking attacks has leveraged a revised version of their malware to target cloud infrastructures using vulnerabilities in web server technologies, according to new research. Deployed by the China-based cybercrime group Rocke, the Pro-Ocean cryptojacking malware now comes with improved rootkit and worm capabilities, as well as harbors new evasion tactics to sidestep cybersecurity companies' detection methods, Palo Alto Networks' Unit 42 researchers said in a Thursday write-up.
Threatpost editors discuss a cryptomining malware targeting AWS systems, a recent development in a lawsuit against the IBM-owned Weather Channel app, and more. Listen to the full podcast below or download direct here.