Security News

Popular NPM Package Hijacked to Publish Crypto-mining Malware
2021-10-23 02:23

The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining malware embedded in "UAParser.js," a popular JavaScript NPM library with over 6 million weekly downloads, days after the NPM repository moved to remove three rogue packages that were found to mimic the same library. The supply-chain attack targeting the open-source library saw three different versions - 0.7.29, 0.8.0, 1.0.0 - that were published with malicious code on Thursday following a successful takeover of the maintainer's NPM account.

Cisco Talos researchers find crypto mining detections have doubled in the last year
2021-07-15 18:58

Cisco Talos researchers note in a new analysis that "Unauthorized software on end systems is never a good sign. Today it's a crypto miner, tomorrow it could be the initial payload in an eventual ransomware attack." Crypto mining has increased from 3% of all mining alerts in January 2020 to 6% in March 2021, according to analysis from Talos.

Non-Malicious Android Crypto Mining Apps Scam Users at Scale
2021-07-08 10:28

Researchers at mobile security firm Lookout have identified more than 170 Android apps that target and scam users interested in cryptocurrencies. These apps cannot even be classified as 'malware' since they do nothing typified as malicious and don't contain a payload. This is the height of their sophistication.

Kubeflow Deployments Targeted in New Crypto-mining Campaign
2021-06-09 17:49

A newly observed malicious campaign is targeting Kubeflow workloads to deploy TensorFlow pods that are used to mine for crypto-currency, according to a warning from security researchers at Microsoft. According to Microsoft, the recent campaign popped up on their radar at the end of May, when TensorFlow pods started being deployed at scale on multiple Kubernetes clusters.

Crypto-Mining Attacks Targeting Kubernetes Clusters via Kubeflow Instances
2021-06-09 09:55

Cybersecurity researchers on Tuesday disclosed a new large-scale campaign targeting Kubeflow deployments to run malicious cryptocurrency mining containers. "The burst of deployments on the various clusters was simultaneous. This indicates that the attackers scanned those clusters in advance and maintained a list of potential targets, which were later attacked on the same time," Microsoft's Senior Security Research Engineer Yossi Weizman said in a report.

Hands on with Norton antivirus Ethereum mining: The good and the bad
2021-06-07 17:52

Last week, NortonLifelock announced that the Norton 360 antivirus suite would soon be able to mine Ethereum cryptocurrency while the computer is idle. The Norton Crypto announcement was met with a wide range of responses, ranging from ridicule to exasperation, that an antivirus software would offer cryptocurrency mining.

Necro Python Malware Upgrades With New Exploits and Crypto Mining Capabilities
2021-06-03 10:01

New upgrades have been made to a Python-based "Self-replicating, polymorphic bot" called Necro in what's seen as an attempt to improve its chances of infecting vulnerable systems and evading detection. "Although the bot was originally discovered earlier this year, the latest activity shows numerous changes to the bot, ranging from different command-and-control communications and the addition of new exploits for spreading, most notably vulnerabilities in VMWare vSphere, SCO OpenServer, Vesta Control Panel and SMB-based exploits that were not present in the earlier iterations of the code," researchers from Cisco Talos said in a deep-dive published today.

Hetzner cloud server provider bans cryptocurrency mining
2021-05-19 21:31

Popular German cloud hosting and dedicated server provider Hetzner has banned cryptomining on its servers after users have been using their large storage devices to mine Chia. For those not familiar with Chia, instead of mining the cryptocurrency with specialized equipment or graphics cards, it uses a new mining system called Proof of Space and Proof of Time.

NVIDIA cripples cryptocurrency mining on RTX 3080 and 3070 cards
2021-05-18 16:49

NVIDIA announced today that it's halving the hash rate for Etehereum cryptocurrency mining on the new GeForce RTX 3080, 3070, and 3060 Ti graphics cards to make them less desirable for miners. "Today, we're taking additional measures by applying a reduced ETH hash rate to newly manufactured GeForce RTX 3080, RTX 3070 and RTX 3060 Ti graphics cards," said Matt Wuebbling, NVIDIA's Global Head of GeForce Marketing.

Monero-mining botnet targets orgs through recent MS Exchange vulnerabilities
2021-04-22 10:49

The recent Microsoft Exchange Server vulnerabilities might have initially been exploited by a government-backed APT group, but cybercriminals soon followed suit, using them to deliver ransomware and grow their botnet. One perpetrator of the latter activities is Prometei, a cross-platform, modular Monero-mining botnet that seems to have flown under the radar for years.