Security News

Security researchers have discovered the first malware specifically developed to target Amazon Web Services Lambda cloud environments with cryptominers. AWS Lambda is a serverless computing platform for running code from hundreds of AWS services and software as a service apps without managing servers.

A Trend Micro research revealed a constant battle for resources among malicious cryptocurrency mining groups. Unlike traditional cybercriminal business models, just a few hours of compromise can result in profits for the criminal.

The Log4Shell vulnerabilities in the widely used Log4j software are still leveraged by threat actors today to deploy various malware payloads, including recruiting devices into DDoS botnets and for planting cryptominers. The threat actor can then control this botnet to perform DDoS attacks against a specific target, depleting their resources and disrupting their online service.

Google has announced the public preview of a new Virtual Machine Threat Detection system that can detect cryptocurrency miners and other malware without the need for software agents. A significant problem for developers and enterprises using cloud-based virtual machines is the constant targeting of threat actors who breach servers to install cryptominers.

Organizations running sophisticated virtual networks with VMware's vSphere service are actively being targeted by cryptojackers, who have figured out how to inject the XMRig commercial cryptominer into the environment, undetected.Uptycs' Siddharth Sharma has released research showing threat actors are using malicious shell scripts to make modifications and run the cryptominer on vSphere virtual networks.

Norton antivirus's inbuilt cryptominer has re-entered the public consciousness after a random Twitter bod expressed annoyance at how difficult it is to uninstall. Exe, Norton 360's signed cryptocurrency-mining binary, to installations of Norton antivirus isn't new - but it seems to have taken the non-techie world a few months to realise what's going on.

Global buzz around the release of Spider-Man: No Way Home is making tons of online noise - an ideal environment for cybercriminals to spread a Monero cryptominer disguised as a download of the newly released film. A torrent download of Spider-Man: No Way Home is circulating, infected with a persistent Monero cryptominer, according to a new alert from ReasonLabs.

Cryptominer malware removal is a routine piece of the cybersecurity landscape these days. If criminals are hijacking your compute cycles to mine cryptocurrencies, chances are there's something worse lurking on your network too.

Sophos released new findings on the Tor2Mine cryptominer, that show how the miner evades detection, spreads automatically through a target network and is increasingly harder to remove from an infected system. In the research, Sophos describes new variants of the miner that include a PowerShell script that attempts to disable malware protection, execute the miner payload and steal Windows administrator credentials.

The library's lightweight npm package is extremely popular: according to the numbers on its npm registry page, it surpasses 8 million weekly downloads. The compromised packages were removed from the repository and a security advisory was published.