cryptocurrency, digital currency


‘DarkGate’ miner, password-stealer could open up world of hurt for Windows users


Windows users in Europe have recently been the target of a sophisticated malware campaign that provides attackers with a diverse array of capabilities, including cryptomining, credential stealing, ransomware and remote-access takeovers. Named DarkGate by its developer, the malware is reportedly distributed via Torrent files disguised as popular entertainment offerings — including the Spanish basketball dramedy…

Cryptomining malware using Windows Installer to remain hidden


The high return rate offered by cryptocurrency mining operations is encouraging cybercriminals to put extra thought into how to hide their mining malware so it can function for as long as possible before discovery. One such effort researched by Trend Micro focuses on Coinminer.Win32.MALXMR.TIAOODAM, which uses Windows Installer as its cloak of invisibility. Trend researchers Janus…

StatCounter platform compromised to infect exchange with bitcoin-stealing code


A malicious actor compromised the platform of leading web analytics firm StatCounter in a supply chain attack that targeted the cryptocurrency exchange with a bitcoin-stealing script. Outside of, none of the other two million-plus websites using StatCounter’s metrics services appear to have been affected by the malicious JavaScript, even if they downloaded it. That’s because the…

‘Flash update’ scam serves up legit software, but with a side of cryptominer


An unusually deceptive “Flash update” scam that installs unwanted programs on infected machines has been attempting to feign legitimacy by displaying pop-up notifications borrowed from the official Adobe installer, as well as by actually installing the latest version of Flash. A malicious Flash installer using this combination of tricks in order to appear credible is “unprecedented…

Report: Cryptomining malware detections up more than 459 percent since 2017


Detections of cryptomining malware have increased by 459 percent since last year, according to a new report released today by the Cyber Threat Alliance (CTA), citing statistics collected from several of its member companies. Titled “The Illicit Cryptocurrency Cyber Threat,” the report warns that this dramatic year-over-year rise is no fluke, noting that illegal mining activity will likely…

Iron Group suspected in creation of Xbash all-in-one malware


A threat actor has been targeting Windows and Linux servers with a self-propagating malware mash-up that’s comprised of botnet, ransomware, disk wiper, cryptomining and worm elements all in one. Researchers from Palo Alto Networks’ Unit 42 division have tied the malware, dubbed Xbash, to the APT actor known as Iron Group. The same group has previously…

Monero miner found in third-party Kodi add-ons for Linux and Windows


The now-shuttered XvBMC and Bubbles third-party add-on repositories, along with the still operating Gaia, have been hosting more than just software products, as researchers have discovered these sites have been abused to propagate a cryptomining campaign centered on the popular open-source media player Kodi. ESET researchers have reported that the three add-on repositories, two of…
