Security News

Bitcoin mining rig found stashed in school crawlspace
2023-02-24 23:30

Pics A Massachusetts man accused of using his job as a city's assistant facilities director to hide a cryptocurrency mining operation in the crawlspace of a school has surrendered himself to authorities on Friday morning after skipping his Thursday arraignment. A judge issued a default warrant for Nadeam Nahas' arrest yesterday on charges of fraudulent use of electricity and vandalizing a school, in relation with the cryptomining operation discovered under Cohasset Middle/High School in December, 2021.

Hackers Using Trojanized macOS Apps to Deploy Evasive Cryptocurrency Mining Malware
2023-02-23 16:49

Trojanized versions of legitimate applications are being used to deploy evasive cryptocurrency mining malware on macOS systems. "This malware makes use of the Invisible Internet Project to download malicious components and send mined currency to the attacker's wallet," Jamf researchers Matt Benyo, Ferdous Saljooki, and Jaron Bradley said in a report shared with The Hacker News.

New S1deload Malware Hijacking Users' Social Media Accounts and Mining Cryptocurrency
2023-02-23 10:45

An active malware campaign has set its sights on Facebook and YouTube users by leveraging a new information stealer to hijack the accounts and abuse the systems' resources to mine cryptocurrency. Bitdefender is calling the malware S1deload Stealer for its use of DLL side-loading techniques to get past security defenses and execute its malicious components.

Microsoft Exchange ProxyShell flaws exploited in new crypto-mining attack
2023-02-16 21:03

A new malware dubbed 'ProxyShellMiner' exploits the Microsoft Exchange ProxyShell vulnerabilities to deploy cryptocurrency miners throughout a Windows domain to generate profit for the attackers. ProxyShell is the name of three Exchange vulnerabilities discovered and fixed by Microsoft in 2021.

Cryptocurrency Mining Campaign Hits Linux Users with Go-based CHAOS Malware
2022-12-12 13:51

A cryptocurrency mining attack targeting the Linux operating system also involved the use of an open source remote access trojan (RAT) dubbed CHAOS. The threat, which was spotted by Trend Micro in...

Researchers 'Accidentally’ Crash KmsdBot Cryptocurrency Mining Botnet Network
2022-12-01 09:48

An ongoing analysis into an up-and-coming cryptocurrency mining botnet known as KmsdBot has led to it being accidentally taken down. The botnet strikes both Windows and Linux devices spanning a wide range of microarchitectures with the primary goal of deploying mining software and corralling the compromised hosts into a DDoS bot.

Malware Authors 'Accidentally' Crash KmsdBot Cryptocurrency Mining Botnet
2022-12-01 09:48

An ongoing analysis into an up-and-coming cryptocurrency mining botnet known as KmsdBot has led to it being accidentally taken down. The botnet strikes both Windows and Linux devices spanning a wide range of microarchitectures with the primary goal of deploying mining software and corralling the compromised hosts into a DDoS bot.

New KmsdBot Malware Hijacking Systems for Mining Crypto and Launch DDoS Attacks
2022-11-14 07:14

A newly discovered evasive malware leverages the Secure Shell cryptographic protocol to gain entry into targeted systems with the goal of mining cryptocurrency and carrying out distributed denial-of-service attacks. Dubbed KmsdBot by the Akamai Security Intelligence Response Team, the Golang-based malware has been found targeting a variety of companies ranging from gaming to luxury car brands to security firms.

Hackers Targeting WebLogic Servers and Docker APIs for Mining Cryptocurrencies
2022-09-16 10:58

Malicious actors such as Kinsing are taking advantage of both recently disclosed and older security flaws in Oracle WebLogic Server to deliver cryptocurrency-mining malware. The Kinsing actors have also been involved in campaigns against container environments via misconfigured open Docker Daemon API ports to launch a crypto miner and subsequently spread the malware to other containers and hosts.

That 'clean' Google Translate app is actually Windows crypto-mining malware
2022-08-30 10:27

Watch out: someone is spreading cryptocurrency-mining malware disguised as legitimate-looking applications, such as Google Translate, on free software download sites and through Google searches. "The malware is dropped from applications that are popular, but don't have an actual desktop version, such as Google Translate, keeping the malware versions in demand and exclusive," Check Point malware analyst Moshe Marelus wrote in a report Monday.