cryptocurrency, digital currency

Cryptocurrency

Plurox backdoor opens up networks to cryptominers and protocol exploits

Researchers earlier this year discovered a modular backdoor that delivers one of eight different cryptominers to infected systems, as well as malicious plug-ins that exploit the UPnP and SMB protocols. Written in C and compiled with Mingw GCC, the malware, dubbed Plurox, was discovered last February by researchers at Kaspersky, who believe they detected the…

Making a racket: LoudMiner malware cryptojacks VMs, comes bundled with pirated VST software

Malicious actors are attempting to infect computers running Tiny Core Linux virtual machines with an XMRig-based cryptominer that’s being bundled with pirated copies of Virtual Studio Technology (VST) software applications. Dubbed LoudMiner, the Monero-mining software first appeared in August 2018, and works by abusing virtualization software – QEMU on macOS machines and VirtualBox on Windows devices.…

Monero crypto-currency (Cryptonic.net)

Adversaries exploit WebLogic bug to deliver cryptominer, use .cer files for obfuscation

Cybercriminals have been using a recently discovered critical vulnerability in the Oracle WebLogic server to deliver a Monero cryptomining program, while using certificate files to obfuscate malicious code. Caused by a deserialization error, the flaw, CVE-2019-2725, was patched in an April 26 out-of-band security update. The SANS ISC InfoSec forums originally hosted reports of malicious actors exploiting…

GateHub hit for $9.5 million worth of cryptocurrency

The cryptocurrency wallet service GateHub was hit by a cyber heist that netted 23.2 million Ripple coins (XRP), worth nearly $9.5 million. The incident is still under investigation, but researchers at the firm believe the hacker abused its API to carry out the attacks, albeit it is unsure how. “We have however detected an increased…

Researchers exploit crypto wallet bug before hackers to save customer funds

A cryptocurrency startup exploited a backdoor in its own platform to protect its customer’s funds after threat actors had spotted and attempted to exploit the flaw. Researchers on the npm, Inc security team discovered a backdoor in the Agama cryptocurrency wallet on the Komodo platform during a security audit of the platform. “This attack focused…

BlackSquid malware wants to wrap its tentacles around web servers and drives

Researchers have discovered a new malware family that uses a set of eight exploits to compromise web servers, network drives and removable drives. Dubbed BlackSquid, the malware has been observed dropping XMRig cryptominer programs, but attackers could easily use it to deliver other nasty payloads to infected devices, as well as obtain unauthorized access, escalate…

Malvertising scheme abuses Yandex.Direct, targets Russian accountants with assorted malware

Cybercriminals are abusing the Yandex.Direct online advertising service in order to serve up malicious ads that target Russian accountants with the goal of infecting them with banking trojans and ransomware. Researchers from ESET have so far linked six malware programs to this campaign, which began in October and continues to this day. During periods of…

Flaw in Confluence collaboration products exploited to deliver GandCrab, AESDDoS Botnet malware

Malicious actors have been serving up GandCrab ransomware and a variant of AESDDoS Botnet malware by exploiting a recently patched vulnerability in two “Confluence” team collaboration products from Australia-based Atlassian. GandCrab is a malicious encryption program that first emerged in early 2018, while the AESDDoS variant is a more versatile program capable of remote code…

New cryptomining worm Beapy targets Asian enterprises while ignoring consumers

Researchers have discovered a previously unknown, file-based cryptominer worm that has been heavily targeting enterprises based in Asia. The researchers, from Symantec Corporation’s Security Response Attack Investigation Team, believe this latest threat perpetuates what they describe as a recent trend in cryptojacking: focusing on large business and organizations rather than consumers. Dubbed Beapy, the Python-based…

Two Romanians convicted for roles in Bayrob malware operation

Two Romanian nationals were convicted in an Ohio federal court on Thursday for their roles in the Bayrob group, an organization that launched a multi-million-dollar cybercriminal operation fueled by its own proprietary malware. Bogdan Nicolescu, 36, and Radu Miclaus, 37, were found guilty on separate 21 counts for developing and spreading the Bayrob trojan, which…

Next post in Security News