Security News
The popular Ultralytics YOLO11 AI model was compromised in a supply chain attack to deploy cryptominers on devices running versions 8.3.41 and 8.3.42 from the Python Package Index (PyPI) [...]
Cybersecurity researchers have discovered a software supply chain attack that has remained active for over a year on the npm package registry by starting off as an innocuous library and later...
The U.S. Department of Justice has announced the arrest and indictment of Charles O. Parks III, known as "CP3O," for allegedly renting large numbers of cloud servers to conduct crypto mining and then skipping out on paying the bills. The DOJ explains that the defendant created a unique scheme that utilized $3.5 million worth of cloud computing resources to mine $970,000 worth of cryptocurrency at the expense of two cloud service providers.
Cybersecurity researchers have identified a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners within targeted environments. "This attack is...
Three new malicious packages have been discovered in the Python Package Index (PyPI) open-source repository with capabilities to deploy a cryptocurrency miner on affected Linux devices. The three...
The 8220 gang has been leveraging an old Oracle WebLogic Server vulnerability to distribute malware, the Imperva Threat Research team has found. Active since 2017, the 8220 gang has been known for deploying cryptocurrency miners on Linux and Windows hosts by exploiting known vulnerabilities.
A new set of 16 malicious NPM packages are pretending to be internet speed testers but are, in reality, coinminers that hijack the compromised computer's resources to mine cryptocurrency for the threat actors. The packages were uploaded onto NPM, an online repository containing over 2.2 million open-source JavaScript packages shared among software developers to speed up the coding process.
A new Linux malware downloader created using SHC has been spotted in the wild, infecting systems with Monero cryptocurrency miners and DDoS IRC bots. According to ASEC researchers, who discovered the attack, the SHC loader was uploaded to VirusTotal by Korean users, with attacks generally focused on Linux systems in the same country.
A now-patched vulnerability in VMware Workspace ONE Access has been observed being exploited to deliver both cryptocurrency miners and ransomware on affected machines. "The attacker intends to utilize a victim's resources as much as possible, not only to install RAR1Ransom for extortion, but also to spread GuardMiner to collect cryptocurrency," Fortinet FortiGuard Labs researcher Cara Lin said in a Thursday report.
Security researchers estimate that the financial impact of cryptominers infecting cloud servers costs victims about $53 for every $1 worth of cryptocurrency threat actors mine on hijacked devices. The threat actors load modified OS images containing XMRig, a miner for Monero, which is a privacy-oriented hard-to-trace cryptocurrency, and currently the most profitable CPU-based mining.