Security News

Ultralytics AI model hijacked to infect thousands with cryptominer
2024-12-06 18:54

The popular Ultralytics YOLO11 AI model was compromised in a supply chain attack to deploy cryptominers on devices running versions 8.3.41 and 8.3.42 from the Python Package Index (PyPI) [...]

XML-RPC npm Library Turns Malicious, Steals Data, Deploys Crypto Miner
2024-11-28 10:48

Cybersecurity researchers have discovered a software supply chain attack that has remained active for over a year on the npm package registry by starting off as an innocuous library and later...

Crypto miner arrested for skipping on $3.5 million in cloud server bills
2024-04-15 18:10

The U.S. Department of Justice has announced the arrest and indictment of Charles O. Parks III, known as "CP3O," for allegedly renting large numbers of cloud servers to conduct crypto mining and then skipping out on paying the bills. The DOJ explains that the defendant created a unique scheme that utilized $3.5 million worth of cloud computing resources to mine $970,000 worth of cryptocurrency at the expense of two cloud service providers.

Cryptominers Targeting Misconfigured Apache Hadoop and Flink with Rootkit in New Attacks
2024-01-12 07:56

Cybersecurity researchers have identified a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners within targeted environments. "This attack is...

Beware: 3 Malicious PyPI Packages Found Targeting Linux with Crypto Miners
2024-01-04 10:35

Three new malicious packages have been discovered in the Python Package Index (PyPI) open-source repository with capabilities to deploy a cryptocurrency miner on affected Linux devices. The three...

8220 gang exploits old Oracle WebLogic vulnerability to deliver infostealers, cryptominers
2023-12-20 12:59

The 8220 gang has been leveraging an old Oracle WebLogic Server vulnerability to distribute malware, the Imperva Threat Research team has found. Active since 2017, the 8220 gang has been known for deploying cryptocurrency miners on Linux and Windows hosts by exploiting known vulnerabilities.

NPM packages posing as speed testers install crypto miners instead
2023-02-14 17:25

A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. The packages were uploaded onto NPM, an online repository containing over 2.2 million open-source JavaScript packages shared among software developers to speed up the coding process.

New SHC-compiled Linux malware installs cryptominers, DDoS bots
2023-01-04 22:29

A new Linux malware downloader created using SHC has been spotted in the wild, infecting systems with Monero cryptocurrency miners and DDoS IRC bots. According to ASEC researchers, who discovered the attack, the SHC loader was uploaded to VirusTotal by Korean users, with attacks generally focused on Linux systems in the same country.

Multiple Campaigns Exploit VMware Vulnerability to Deploy Crypto Miners and Ransomware
2022-10-21 14:56

A now-patched vulnerability in VMware Workspace ONE Access has been observed being exploited to deliver both cryptocurrency miners and ransomware on affected machines. "The attacker intends to utilize a victim's resources as much as possible, not only to install RAR1Ransom for extortion, but also to spread GuardMiner to collect cryptocurrency," Fortinet FortiGuard Labs researcher Cara Lin said in a Thursday report.

Cryptominers hijack $53 worth of system resources to earn $1
2022-09-28 13:00

Security researchers estimate that the financial impact of cryptominers infecting cloud servers costs victims about $53 for every $1 worth of cryptocurrency threat actors mine on hijacked devices. The threat actors load modified OS images containing XMRig, a miner for Monero, which is a privacy-oriented hard-to-trace cryptocurrency, and currently the most profitable CPU-based mining.