Security News

Microsoft Exchange exploits now used by cryptomining malware
2021-03-12 18:20

The operators of Lemon Duck, a cryptomining botnet that targets enterprise networks, are now using Microsoft Exchange ProxyLogon exploits in attacks against unpatched servers. Lemon Duck's ongoing attacks on vulnerable Exchange servers have already reached a massive scale, according to Costin Raiu, director of Kaspersky's Global Research and Analysis Team.

S3 Ep21: Cryptomining clampdown, the 100-ton man, and ScamClub ads [Podcast]
2021-02-25 19:35

The graphics card that wants you to stick to playing games, the man that didn't weigh 100 tons after all, and the marketing gang that used a browser bug to bombard iPhone users with scammy online surveys. Where to find the podcast online: you can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher, Overcast and anywhere that good podcasts are found.

Nvidia’s Anti-Cryptomining GPU Chip May Not Discourage Attacks
2021-02-24 15:31

"Even though these new Nvidia drivers will halve the earning rate of the cybercriminals, the crooks aren't paying for the electricity, so any unlawfully mined crypto-coins are still essentially free money for them." "In the early days, it was possible to mine Bitcoin using the average computer CPU or a high-speed video processor card; however, today, mining for Bitcoin requires dedicated Bitcoin mining hardware to make it a profitable endeavor," according to the report.

Nvidia announces official “anti-cryptomining” software drivers
2021-02-22 21:00

RTX 3060 software drivers are designed to detect specific attributes of the Ethereum cryptocurrency mining algorithm, and limit the hash rate, or cryptocurrency mining efficiency, by around 50 percent. To address the specific needs of Ethereum mining, we're announcing the NVIDIA CMP product line for professional mining.

DDoS Attacks Wane in Q4 Amid Cryptomining Resurgence
2021-02-16 21:27

"A surge in cryptocurrency costs may have prompted cybercriminals to re-profile some botnets so that the command-and-control servers typically used in DDoS attacks could repurpose infected devices and use their computing power to mine cryptocurrencies instead," researchers said. DDoS of course didn't go away - as people spent more time online in 2020, researchers observed a corresponding spike in DDoS attacks for most of the year.

MrbMiner Crypto-Mining Malware Links to Iranian Software Company
2021-01-21 06:58

A relatively new crypto-mining malware that surfaced last year and infected thousands of Microsoft SQL Server databases has now been linked to a small software development company based in Iran. First documented by Chinese tech giant Tencent last September, MrbMiner was found to target internet-facing MSSQL servers with the goal of installing a cryptominer, which hijacks the processing power of the systems to mine Monero and funnel it into accounts controlled by the attackers.

'PGMiner' Crypto-Mining Botnet Abuses PostgreSQL for Distribution
2020-12-15 09:44

Palo Alto Networks security researchers have discovered a Linux-based cryptocurrency-mining botnet that is being delivered via PostgreSQL. Dubbed PGMiner, the botnet exploits a remote code execution vulnerability in PostgreSQL to compromise database servers and then abuse them to mine the Monero cryptocurrency. An open source relational database management system widely used in production environments, PostgreSQL has a "Copy from program" feature that was labeled as a vulnerability, something that the PostgreSQL security team quickly disputed.

Cyberespionage APT group hides behind cryptomining campaigns
2020-12-02 03:25

An advanced threat group called Bismuth recently used cryptocurrency mining as a way to hide the purpose of their activity and to avoid triggering high-priority alerts. In recent campaigns Bismuth launched Monero coin miners on compromised systems belonging to private and government organizations in France and Vietnam.

Cryptomining activity could be a sign your servers are under attack
2020-09-04 04:00

Cryptomining activity used to monetize compromised servers. While cryptomining activity may not cause disruption or financial losses on its own, mining software is usually deployed to monetize compromised servers that are sitting idle while criminals plot larger money-making schemes.

Crypto-Mining Worm Targets AWS Credentials
2020-08-20 03:48

Cado Security has identified a crypto-mining worm that attempts to steal Amazon Web Services credentials belonging to the organizations whose systems it has infected. The TeamTNT worm can also scan for open Docker APIs, execute Docker images and install itself.