A new password-stealer malware has appeared that targets cryptocurrencies and brute-forces and steals administrator credentials from unsecured WordPress websites. Avast researchers nicknamed the malware Clipsa, due to its penchant for replacing crypto-addresses present in a clipboard, and noted it is written in Visual Basic and once installed on a device it begins mining cryptocurrency, and…
The Swedish cryptocurrency exchange QuickBit was hit with a data breach affecting about 2 percent of its customer base through an unprotected MongoDB. Published reports put the number of accounts exposed at 300,000 with QuickBit stating the data involved was left unprotected while it was being migrated to a safer environment with names, addresses, e-mail…
Don’t let unauthorized cryptocurrency “miners” steal your company’s computer power — or worse! Cryptomining — the name itself sounds like it is almost like printing money using your computer. And it just might be for individuals, investors, and others with the right mix of savvy, capital, good timing, and a whole lot of luck. But…
MyDashWallet.org is recommending that its users remove any funds from their wallets as the site has been compromised for the past two months. MyDashWallet, which calls itself the fastest and easiest way to use DASH cryptocurrency, noted on its site that an associated external site serving CryptoJS scripts was compromised with the end result being…
The cybercriminal group ShadowGate has emerged from a long quiet period, launching a global malvertising campaign that redirects victims to the Greenflash Sundown exploit kit, in order to infect them with SEON ransomware, a cryptominer and the Pony credential-stealer. Also known as WordsJS, the ShadowGate group is more typically known for targeting Asia, especially South…
Researchers earlier this year discovered a modular backdoor that delivers one of eight different cryptominers to infected systems, as well as malicious plug-ins that exploit the UPnP and SMB protocols. Written in C and compiled with Mingw GCC, the malware, dubbed Plurox, was discovered last February by researchers at Kaspersky, who believe they detected the…
Malicious actors are attempting to infect computers running Tiny Core Linux virtual machines with an XMRig-based cryptominer that’s being bundled with pirated copies of Virtual Studio Technology (VST) software applications. Dubbed LoudMiner, the Monero-mining software first appeared in August 2018, and works by abusing virtualization software – QEMU on macOS machines and VirtualBox on Windows devices.…
Cybercriminals have been using a recently discovered critical vulnerability in the Oracle WebLogic server to deliver a Monero cryptomining program, while using certificate files to obfuscate malicious code. Caused by a deserialization error, the flaw, CVE-2019-2725, was patched in an April 26 out-of-band security update. The SANS ISC InfoSec forums originally hosted reports of malicious actors exploiting…
The cryptocurrency wallet service GateHub was hit by a cyber heist that netted 23.2 million Ripple coins (XRP), worth nearly $9.5 million. The incident is still under investigation, but researchers at the firm believe the hacker abused its API to carry out the attacks, albeit it is unsure how. “We have however detected an increased…
A cryptocurrency startup exploited a backdoor in its own platform to protect its customer’s funds after threat actors had spotted and attempted to exploit the flaw. Researchers on the npm, Inc security team discovered a backdoor in the Agama cryptocurrency wallet on the Komodo platform during a security audit of the platform. “This attack focused…
