Security News

Non-Malicious Android Crypto Mining Apps Scam Users at Scale
2021-07-08 10:28

Researchers at mobile security firm Lookout have identified more than 170 Android apps that target and scam users interested in cryptocurrencies. These apps cannot even be classified as 'malware' since they do nothing typified as malicious and don't contain a payload. This is the height of their sophistication.

Cloud Cryptomining Swindle in Google Play Rakes in Cash
2021-07-07 11:57

Bogus cryptomining apps for Android available for download on Google Play are estimated to have scammed more than 93,400 victims to date, researchers said, stealing at least $350,000. In addition to offering the "Apps" themselves for a fee, the scammers also promote additional services and upgrades that users can purchase within the apps, either by transferring Bitcoin or Ethereum cryptocurrencies directly to the developers' wallets or via the Google Play in-app billing system.

Tens of thousands scammed using fake Android cryptomining apps
2021-07-07 11:44

Twenty-five of these fake apps were available in the Google Play Store, while those sold on third-party app stores could be side-loaded by victims on their Android devices. Lookout researchers revealed in a report published today that the apps didn't include any cloud cryptomining functionality.

Microsoft: Big Cryptomining Attacks Hit Kubeflow
2021-06-10 16:26

Microsoft has spotted a new, widespread, ongoing attack targeting Kubernetes clusters running Kubeflow instances, in order to plant malicious TensorFlow pods that are used to mine for cryptocurrency. The newly discovered attack is similar to a cryptocurrency mining attack that Microsoft reported last June.

Kubeflow Deployments Targeted in New Crypto-mining Campaign
2021-06-09 17:49

A newly observed malicious campaign is targeting Kubeflow workloads to deploy TensorFlow pods that are used to mine for crypto-currency, according to a warning from security researchers at Microsoft. According to Microsoft, the recent campaign popped up on their radar at the end of May, when TensorFlow pods started being deployed at scale on multiple Kubernetes clusters.

Microsoft warns of cryptomining attacks on Kubernetes clusters
2021-06-09 17:05

Microsoft warns of an ongoing series of attacks compromising Kubernetes clusters running Kubeflow machine learning instances to deploy malicious containers that mine for Monero and Ethereum cryptocurrency. The attacks had started towards the end of May when Microsoft security researchers observed a sudden increase in TensorFlow machine learning pod deployments.

Crypto-Mining Attacks Targeting Kubernetes Clusters via Kubeflow Instances
2021-06-09 09:55

Cybersecurity researchers on Tuesday disclosed a new large-scale campaign targeting Kubeflow deployments to run malicious cryptocurrency mining containers. "The burst of deployments on the various clusters was simultaneous. This indicates that the attackers scanned those clusters in advance and maintained a list of potential targets, which were later attacked on the same time," Microsoft's Senior Security Research Engineer Yossi Weizman said in a report.

Necro Python Malware Upgrades With New Exploits and Crypto Mining Capabilities
2021-06-03 10:01

New upgrades have been made to a Python-based "Self-replicating, polymorphic bot" called Necro in what's seen as an attempt to improve its chances of infecting vulnerable systems and evading detection. "Although the bot was originally discovered earlier this year, the latest activity shows numerous changes to the bot, ranging from different command-and-control communications and the addition of new exploits for spreading, most notably vulnerabilities in VMWare vSphere, SCO OpenServer, Vesta Control Panel and SMB-based exploits that were not present in the earlier iterations of the code," researchers from Cisco Talos said in a deep-dive published today.

Cryptomining malware up, financial malware down in Q1 2021, Kaspersky finds
2021-06-01 18:06

The first report, detailing desktop attacks, found that cryptomining malware has exploded in popularity, while the second report covering mobile devices, revealed that a popular Trojan targeting gamers has made the leap from PC to Android. Between February and March 2021, during which time the price of a single bitcoin increased by more than $10,000, the number of modified cryptomining malware found by Kaspersky experienced a similar jump with a fourfold increase over the course of the same time period.

New cryptomining malware builds an army of Windows, Linux bots
2021-04-24 14:36

A recently discovered cryptomining botnet is actively scanning for vulnerable Windows and Linux enterprise servers and infecting them with Monero miner and self-spreader malware payloads. While, at first, it was using a multi-component architecture with the miner and worm modules, the botnet has been upgraded to use a single binary capable of mining and auto-spreading the malware to other devices.