Security News

As many as 207 websites have been infected with malicious code designed to launch a cryptocurrency miner by leveraging WebAssembly on the browser. Js code makes use of WebAssembly to run low-level binary code directly on the browser.

A recently patched critical security flaw in Atlassian Confluence Server and Data Center products is being actively weaponized in real-world attacks to drop cryptocurrency miners and ransomware payloads. In at least two of the Windows-related incidents observed by cybersecurity vendor Sophos, adversaries exploited the vulnerability to deliver Cerber ransomware and a crypto miner called z0miner on victim networks.

Cybersecurity researchers have discovered a new Android banking malware named MaliBot, which poses as a cryptocurrency mining app or the Chrome web browser to target users in Italy and Spain. MaliBot focuses on stealing financial information such as e-banking service credentials, crypto wallet passwords, and personal details, while it's also capable of snatching two-factor authentication codes from notifications.

New botnet and cryptominer Panchan attacking Linux servers. Akamai Security Research announced on Wednesday it has uncovered a new botnet attacking the Linux servers of telecom and education providers in Asia, Europe and the Americas.

A new peer-to-peer botnet named Panchan appeared in the wild around March 2022, targeting Linux servers in the education sector to mine cryptocurrency. At the same time, it has powerful detection avoidance capabilities, such as using memory-mapped miners and dynamically detecting process monitoring to stop the mining module immediately.

Microsoft is warning of a new variant of the srv botnet that's exploiting multiple security flaws in web applications and databases to install coin miners on both Windows and Linux systems. The tech giant, which has called the new version Sysrv-K, is said to weaponize an array of exploits to gain control of web servers.

According to researchers at cyber-intelligence outfit Cyble, the Eternity site's operators also have a channel on Telegram, where they provide videos detailing features and functions of the Windows malware. Once someone decides to purchase of one or more of Eternity's malware components, they have the option to customize the final binary executable for whatever crimes they want to commit.

A new information-stealing malware called ZingoStealer has been discovered with powerful data-stealing features and the ability to load additional payloads or mine Monero. The new malware was created and released for free by a group of threat actors named the "Haskers Gang," who recently attempted to sell its source code for $500. Soon after researchers at Cisco Talos spotted that offering, ZingoStealer changed hands and was transferred to a new threat actor who will undertake the development effort.

Security researchers have discovered the first malware specifically developed to target Amazon Web Services Lambda cloud environments with cryptominers. AWS Lambda is a serverless computing platform for running code from hundreds of AWS services and software as a service apps without managing servers.

A Trend Micro research revealed a constant battle for resources among malicious cryptocurrency mining groups. Unlike traditional cybercriminal business models, just a few hours of compromise can result in profits for the criminal.