Security News

Fileless worm builds cryptomining, backdoor-planting P2P botnet
2020-08-19 12:28

A fileless worm dubbed FritzFrog has been found roping Linux-based devices with SSH servers - corporate servers, routers and IoT devices - into a P2P botnet whose apparent goal is to mine cryptocurrency. Simultaneously, the malware creates a backdoor on the infected machines, allowing attackers to access them at a later date even if the SSH password has been changed in the meantime.

Microsoft Azure users leave front door open for cryptomining crooks
2020-06-15 14:30

Microsoft just found a campaign that exploits Kubernetes to install cryptomining software in its Azure cloud. Kubernetes is an open source project that lets administrators manage software containers en masse, and it runs in cloud infrastructures like Microsoft's Azure.

Kubernetes Falls to Cryptomining via Machine-Learning Framework
2020-06-11 18:42

The Kubeflow open-source project is a popular framework for running machine-learning tasks in Kubernetes. Because Kubeflow is a containerized service, these various tasks run as containers in the Kubernetes cluster, and each can present a path for an attacker into the core Kubernetes architecture.

Cryptomining criminals under the spotlight – a SophosLabs report
2020-06-09 13:59

Sadly unlawful cryptomining is still a thing, and SophosLabs has just published a report that follows the evolution and operation of the cybercrime gang behind a botnet known as Kingminer. Servers have two desirable properties for cryptomining abuse, namely that they're always on, so any unauthorised mining runs 24/7, and they're usually much more powerful than the average laptop, so the crooks can dial in decent earnings without taking over the server so completely that they get noticed.

Crypto-Mining Campaign Hits European Supercomputers
2020-05-18 09:57

Several supercomputers across Europe were taken offline last week after being targeted in what appears to be a crypto-mining campaign. While CSCS' notice says that the background of the attack is currently unclear, the European Grid Infrastructure security team issued an alert claiming that the purpose of the attack is cryptocurrency mining.

Malicious USB Drives Infect 35,000 Computers With Crypto-Mining Botnet
2020-04-24 03:38

Cybersecurity researchers from ESET on Thursday said they took down a portion of a malware botnet comprising at least 35,000 compromised Windows systems that attackers were secretly using to mine Monero cryptocurrency. "The main activity of the botnet is mining Monero cryptocurrency," ESET said.

Are your MS SQL servers part of a cryptomining botnet? Check now!
2020-04-02 12:35

For the last two years or so, attackers have been infecting and reinfecting poorly secured MS SQL servers, booting other criminals' malware from them and exploiting their compute power to mine Vollar and Monero cryptocurrency. Microsoft SQL Server is a relational database management system/software that can run on computers running any of the most popular operating systems.

Vivin Nets Thousands of Dollars Using Cryptomining Malware
2020-01-22 22:19

A recently uncovered threat actor, dubbed Vivin, has made thousands of U.S. dollars through a large-scale cryptomining campaign. Vivin is unique due to its longevity - the threat actor has been active since at least 2017 - and researchers with Cisco Talos point to Vivin as a good example of why cryptomining malware isn't going anywhere, despite a loss in the value of Monero over the past few years.

MyKings Cryptomining Botnet Leverages EternalBlue Flaw
2019-12-23 10:33

Researchers Also Find Malicious Code Hiding in Taylor Swift Image

The MyKings botnet, which has been spreading cryptominers and other malware, continues to grow in sophistication, using...