Once the malware has been installed, it sets about mining for Monero and hooking up with a crypto-wallet and mining pool; it also connects with its C2 server for updates, and configures itself to infect other machines on the network. Meanwhile, a short VisualBasic script is used to deploy the malware to compromised Apache Struts… Read More

The ShadowBrokers’ release of a trove of National Security Agency exploits last year appears to be the gift that keeps on giving, to the hacker community at least: A fresh malware that uses the EternalRomance tool has hit the scene, with Monero-mining as the stated goal. However, more damaging follow-on attacks are likely the endgame.… Read More

Monero is a privacy-centric cryptocurrency that allows users to obscure their transactions by includ- ing chaff coins, called “mixins,” along with the actual coins they spend. In this paper, we empirically evalu- ate two weaknesses in Monero’s mixin sampling strat- egy. Source: arxiv… Read More

We just saw an interesting attack technique applied to one of our PostgreSQL servers. After logging into the database, the attacker continued to create different payloads, implement evasion techniques through embedded binaries in a downloaded image, extract payloads to disk and trigger remote code execution of these payloads. Like so many attacks we’ve witnessed lately,… Read More

Security researchers at Akamai, the Internet performance company that helped Github fight off the attack, told Fortune they’ve noticed something novel some of these recent attacks. Hackers have started stuffing the barrage of Internet traffic with ransom notes. Source: fortune… Read More