cryptocurrency, digital currency

Cryptocurrency

CoinMiner found in third-party Zoom download

The bad news for Zoom keeps coming rolling in with Trend Micro researchers finding CoinMiner being bundled with a legitimate installer of the video conferencing software. The good news is the installer, Zoom installer version 4.4.0.0, is not from the company’s official download center, but likely from a fraudulent third-party store, Trend Micro reported. However,…

Attackers distill essence of Mirai IoT botnet into LiquorBot malware

Researchers recently uncovered another descendant of the Mirai Internet of Things botnet, this one featuring Monero cryptocurrency mining capabilities. Dubbed LiquorBot, the botnet malware is written in Go programming language and seems to use the same command-and-control infrastructure as Mirai. Sometimes, attack campaigns have even paired both LiquorBot and Mirai together in malicious dropper scripts,…

Dexphot malware uses fileless techniques to install cryptominer

Microsoft Corporation yesterday revealed its discovery of a polymorphic malware that uses fileless techniques to execute a cryptomining program on victimized machines. Dubbed Dexphot, the malware was first observed in October 2018 when Microsoft detected a campaign that “attempted to deploy files that changed every 20 to 30 minutes on thousands of devices,” according to…

Stantinko botnet’s monetization strategy shifts to cryptomining

The versatile Stantinko botnet that’s been targeting former Soviet nations since at least 2012 has added a Monero cryptomining module to its arsenal. Stantinko historically has perpetrated click fraud, ad injections, social network fraud and brute-force password stealing attacks, primarily targeting Russia, Ukraine, Belarus and Kazakhstan. But this latest module, discovered by researchers at ESET,…

Stolen GateHub and EpicBot credentials spotted on hacking forum

Millions of credentials stolen from the GateHub cryptocurrency wallet service and gaming bot provider EpicBot were reportedly posted on popular hacking forum site RaidForums last month, along with other personal information. Roughly 2.2 million accounts were affected – 1,408,078 of which belong GateHub users, while 816,662 were created by EpicBot users, according to security researcher…

Attackers attempt large-scale BlueKeep exploit to spread cryptominer

Almost nearly six months of warnings that Microsoft Windows users must patch the critical Remote Desktop Protocol vulnerability known as BlueKeep, researchers finally have detected the first known attempt at a large-scale attack aimed at exploiting his remote code execution flaw. Since last May, security experts have expressed concern that a BlueKeep exploit attack could…

Trojanized Russian-language Tor browser lets attacks steal from users’ e-wallets

Researchers have discovered a trojanized version of a Tor private browser that targets Russian-speaking dark web marketplace visitors and lets cybercriminals steal from their e-wallet transactions. The developers behind the malicious browser have so far stolen at least $40,000 in bitcoin, although the true number is likely higher. Researchers from ESET discovered a version of…

Graboid cryptomining worm leverages Docker Engine containers to spread

Researchers have found what they are calling the first crpytojacking worm to spread to and from compromised containers in the Docker Engine. Named Graboid as an homage to the monster worm in the 1990 movie Tremors, the malware mines Monero cryptocurrency from infected machines and randomly spreads to other vulnerable hosts. Indeed, the malware contains a list…

Fake company pushes phony cryptocurrency app to spread Mac malware

It appears North Korean hackers have revisited a tried-and-true scheme to attack Mac owners who work at cryptocurrency exchanges: creating a fake company and corresponding cryptocurrency trading app that actually infects users with malware. Researcher Patrick Wardle, creator of OS X security firm Objective-See, reported in a blog post late last week that malicious actors…

Next post in Malware