Security News

New Migo Malware Targeting Redis Servers for Cryptocurrency Mining
2024-02-20 15:20

A novel malware campaign has been observed targeting Redis servers for initial access with the ultimate goal of mining cryptocurrency on compromised Linux hosts. "This particular campaign involves...

HeadCrab 2.0 Goes Fileless, Targeting Redis Servers for Crypto Mining
2024-02-01 11:22

Cybersecurity researchers have detailed an updated version of the malware HeadCrab that's known to target Redis database servers across the world since early September 2021. The development, which...

NoaBot: Latest Mirai-Based Botnet Targeting SSH Servers for Crypto Mining
2024-01-10 15:15

A new Mirai-based botnet called NoaBot is being used by threat actors as part of a crypto mining campaign since the beginning of 2023. “The capabilities of the new botnet, NoaBot, include a...

Warning: Poorly Secured Linux SSH Servers Under Attack for Cryptocurrency Mining
2023-12-27 05:29

Poorly secured Linux SSH servers are being targeted by bad actors to install port scanners and dictionary attack tools with the goal of targeting other vulnerable servers and co-opting them into a...

Microsoft Warns of Hackers Exploiting OAuth for Cryptocurrency Mining and Phishing
2023-12-13 10:55

Microsoft has warned that adversaries are using OAuth applications as an automation tool to deploy virtual machines (VMs) for cryptocurrency mining and launch phishing attacks. "Threat actors...

Researchers Uncover Undetectable Crypto Mining Technique on Azure Automation
2023-11-08 14:19

Cybersecurity researchers have developed what's the first fully undetectable cloud-based cryptocurrency miner leveraging the Microsoft Azure Automation service without racking up any charges. Developed by Microsoft, it's a cloud-based automation service that allows users to automate the creation, deployment, monitoring, and maintenance of resources in Azure.

Qubitstrike Targets Jupyter Notebooks with Crypto Mining and Rootkit Campaign
2023-10-18 11:42

A threat actor, presumably from Tunisia, has been linked to a new campaign targeting exposed Jupyter Notebooks in a two-fold attempt to illicitly mine cryptocurrency and breach cloud environments....

Cybercriminals Weaponizing Legitimate Advanced Installer Tool in Crypto-Mining Attacks
2023-09-09 06:25

A legitimate Windows tool used for creating software packages called Advanced Installer is being abused by threat actors to drop cryptocurrency-mining malware on infected machines since at least November 2021. "The attacker uses Advanced Installer to package other legitimate software installers, such as Adobe Illustrator, Autodesk 3ds Max, and SketchUp Pro, with malicious scripts and uses Advanced Installer's Custom Actions feature to make the software installers execute the malicious scripts," Cisco Talos researcher Chetan Raghuprasad said in a technical report.

Agile Approach to Mass Cloud Credential Harvesting and Crypto Mining Sprints Ahead
2023-08-23 11:44

Json from CRED FILE NAMES file name array to GCLOUD CREDS FILES file name array[+] added netrc, kubeconfig, adc. Db from CRED FILE NAMES file name array[-] removed dload function[+] added commented dload function invocation for posting final results[+] added commented wget command to download and execute https://everlost.

Malicious Campaigns Exploit Weak Kubernetes Clusters for Crypto Mining
2023-08-09 09:05

Exposed Kubernetes clusters are being exploited by malicious actors to deploy cryptocurrency miners and other backdoors. Cloud security firm Aqua, in a report shared with The Hacker News, said a majority of the clusters belonged to small to medium-sized organizations, with a smaller subset tied to bigger companies, spanning financial, aerospace, automotive, industrial, and security sectors.