Security News

Warning: Yet Another Bitcoin Mining Malware Targeting QNAP NAS Devices
2021-12-07 22:33

Network-attached storage appliance maker QNAP on Tuesday released a new advisory warning of a cryptocurrency mining malware targeting its devices, urging customers to take preventive steps with immediate effect. "A bitcoin miner has been reported to target QNAP NAS. Once a NAS is infected, CPU usage becomes unusually high where a process named '[oom reaper]' could occupy around 50% of the total CPU usage," the Taiwanese company said in an alert.

Chinese Communist Party official expelled for mining cryptocurrency
2021-11-16 00:49

China's Central Commission for Discipline Inspection has expelled a communist party member for allowing cryptocurrency mining to happen, corruption, and other infractions. A Saturday announcement by the commission stated that Xiao Yi, formerly a member and vice chairman of the Jiangxi Provincial Political Consultative Conference, was stripped of his post and lost his qualifications as a representative to the 19th National Congress of the Communist Party of China.

Popular NPM Package Hijacked to Publish Crypto-mining Malware
2021-10-24 03:38

The U.S. Cybersecurity and Infrastructure Security Agency on Friday warned of crypto-mining malware embedded in "UAParser.js," a popular JavaScript NPM library with over 6 million weekly downloads, days after the NPM repository moved to remove three rogue packages that were found to mimic the same library. The supply-chain attack targeting the open-source library saw three different versions - 0.7.29, 0.8.0, 1.0.0 - that were published with malicious code on Thursday following a successful takeover of the maintainer's NPM account.

Cisco Talos researchers find crypto mining detections have doubled in the last year
2021-07-15 18:58

Cisco Talos researchers note in a new analysis that "Unauthorized software on end systems is never a good sign. Today it's a crypto miner, tomorrow it could be the initial payload in an eventual ransomware attack." Crypto mining has increased from 3% of all mining alerts in January 2020 to 6% in March 2021, according to analysis from Talos.

Non-Malicious Android Crypto Mining Apps Scam Users at Scale
2021-07-08 10:28

Researchers at mobile security firm Lookout have identified more than 170 Android apps that target and scam users interested in cryptocurrencies. These apps cannot even be classified as 'malware' since they do nothing typified as malicious and don't contain a payload. This is the height of their sophistication.

Kubeflow Deployments Targeted in New Crypto-mining Campaign
2021-06-09 17:49

A newly observed malicious campaign is targeting Kubeflow workloads to deploy TensorFlow pods that are used to mine for crypto-currency, according to a warning from security researchers at Microsoft. According to Microsoft, the recent campaign popped up on their radar at the end of May, when TensorFlow pods started being deployed at scale on multiple Kubernetes clusters.

Crypto-Mining Attacks Targeting Kubernetes Clusters via Kubeflow Instances
2021-06-09 09:55

Cybersecurity researchers on Tuesday disclosed a new large-scale campaign targeting Kubeflow deployments to run malicious cryptocurrency mining containers. "The burst of deployments on the various clusters was simultaneous. This indicates that the attackers scanned those clusters in advance and maintained a list of potential targets, which were later attacked on the same time," Microsoft's Senior Security Research Engineer Yossi Weizman said in a report.

Hands on with Norton antivirus Ethereum mining: The good and the bad
2021-06-07 17:52

Last week, NortonLifelock announced that the Norton 360 antivirus suite would soon be able to mine Ethereum cryptocurrency while the computer is idle. The Norton Crypto announcement was met with a wide range of responses, ranging from ridicule to exasperation, that an antivirus software would offer cryptocurrency mining.

Necro Python Malware Upgrades With New Exploits and Crypto Mining Capabilities
2021-06-03 10:01

New upgrades have been made to a Python-based "Self-replicating, polymorphic bot" called Necro in what's seen as an attempt to improve its chances of infecting vulnerable systems and evading detection. "Although the bot was originally discovered earlier this year, the latest activity shows numerous changes to the bot, ranging from different command-and-control communications and the addition of new exploits for spreading, most notably vulnerabilities in VMWare vSphere, SCO OpenServer, Vesta Control Panel and SMB-based exploits that were not present in the earlier iterations of the code," researchers from Cisco Talos said in a deep-dive published today.

Hetzner cloud server provider bans cryptocurrency mining
2021-05-19 21:31

Popular German cloud hosting and dedicated server provider Hetzner has banned cryptomining on its servers after users have been using their large storage devices to mine Chia. For those not familiar with Chia, instead of mining the cryptocurrency with specialized equipment or graphics cards, it uses a new mining system called Proof of Space and Proof of Time.