Cryptocurrency | SC Media

Cryptocurrency

Twitter hack is a reminder of the dangers of unfettered employee access

Twitter’s acknowledgement that a “coordinated social engineering campaign” involving multiple employees was behind a hack of prominent verified accounts raises significant questions as to whether business organizations are implementing effective security controls that limit potential insider threats’ access to back-end administrative tools. The hacking incident — which promoted a cryptocurrency scam and victimized the accounts…

Docker attackers devise clever technique to avoid detection

In what researchers say is a first, attackers are performing a new container attack technique in the wild, whereby they build their own malicious images on a targeted host instead of pulling preexisting ones from a public registry. This maneuver allows the adversaries to avoid static detection by scanners that are programmed to look for…

Cryptomining campaign targets Kubernetes via machine learning framework

A malware campaign is abusing the popular machine-learning (ML) framework Kubeflow in order to target Kubernetes clusters with a crypto miner, Microsoft’s Azure Security Center (ASC) warns. Tens of clusters running on the Kubernetes open-source container orchestration system have already been impacted, the ASC notes in a blog post published this week. “Nodes that are…

Attackers distill essence of Mirai IoT botnet into LiquorBot malware

Researchers recently uncovered another descendant of the Mirai Internet of Things botnet, this one featuring Monero cryptocurrency mining capabilities. Dubbed LiquorBot, the botnet malware is written in the Go programming language and seems to use the same command-and-control infrastructure as Mirai. Sometimes, attack campaigns have even paired both LiquorBot and Mirai together in malicious dropper scripts,…

The silent rise of cryptojacking

The term “cyber breach” brings to mind customer data strewn across the internet, social security numbers permeating the dark web and major news headlines. While these types of far-reaching incidents are the most likely to generate concern for consumers and organizations, a recent study from the Internet Society’s Online Trust Alliance has flagged a new,…

Dexphot malware uses fileless techniques to install cryptominer

Microsoft Corporation yesterday revealed its discovery of a polymorphic malware that uses fileless techniques to execute a cryptomining program on victimized machines. Dubbed Dexphot, the malware was first observed in October 2018 when Microsoft detected a campaign that “attempted to deploy files that changed every 20 to 30 minutes on thousands of devices,” according to…

Stantinko botnet’s monetization strategy shifts to cryptomining

The versatile Stantinko botnet that’s been targeting former Soviet nations since at least 2012 has added a Monero cryptomining module to its arsenal. Stantinko historically has perpetrated click fraud, ad injections, social network fraud and brute-force password stealing attacks, primarily targeting Russia, Ukraine, Belarus and Kazakhstan. But this latest module, discovered by researchers at ESET,…

Stolen GateHub and EpicBot credentials spotted on hacking forum

Millions of credentials stolen from the GateHub cryptocurrency wallet service and gaming bot provider EpicBot were reportedly posted on popular hacking forum site RaidForums last month, along with other personal information. Roughly 2.2 million accounts were affected – 1,408,078 of which belong to GateHub users, while 816,662 were created by EpicBot users, according to security researcher…

Attackers attempt large-scale BlueKeep exploit to spread cryptominer

After nearly six months of warnings that Microsoft Windows users must patch the critical Remote Desktop Protocol vulnerability known as BlueKeep, researchers finally have detected the first known attempt at a large-scale attack aimed at exploiting this remote code execution flaw. Since last May, security experts have expressed concern that a BlueKeep exploit attack could…
