Malicious Docker Containers Earn Cryptomining Criminals $90K Seventeen malicious Docker containers earned cryptomining criminals $90,000 in 30 days in what could be a harbinger of things to come. The figure may seem tame compared to some of the larger paydays that cryptojackers have earned. But, researchers at Kromtech Security Center warn containers are shaping up to be the next ripe target for…
MassMiner Takes a Kitchen-Sink Approach to Cryptomining Once the malware has been installed, it sets about mining for Monero and hooking up with a crypto-wallet and mining pool; it also connects with its C2 server for updates, and configures itself to infect other machines on the network. Meanwhile, a short VisualBasic script is used to deploy the malware to compromised Apache Struts…
I built a screenshot API and some guy was mining cryptocurrencies with it This morning when I opened up my inbox, I had around 150 alert emails from the logging tool I use. I immediately thought I must have pushed a nasty bug to production and started investigating. I quickly realized some guy was creating new accounts really fast on our screenshot API service and was rapidly…
PyRoMine Uses NSA Exploit for Monero Mining and Backdoors The ShadowBrokers’ release of a trove of National Security Agency exploits last year appears to be the gift that keeps on giving, to the hacker community at least: A fresh malware that uses the EternalRomance tool has hit the scene, with Monero-mining as the stated goal. However, more damaging follow-on attacks are likely the endgame.…
Monero traceability Monero is a privacy-centric cryptocurrency that allows users to obscure their transactions by including chaff coins, called “mixins,” along with the actual coins they spend. In this paper, we empirically evaluate two weaknesses in Monero’s mixin sampling strategy. Source: arxiv…
A new massive cryptomining campaign target Linux servers exploiting old flaw Trend Micro uncovered a new crypto mining campaign targeting Linux servers that exploit the CVE-2013-2618 flaw in Cacti’s Network Weathermap plug-in, which system administrators use to visualize network activity. Source: securityaffairs…
Why It’s Important That Monero Rejects Compatibility With Bitmain’s New Antminer Upon release, the company received instant criticism from the community at large for selling a ‘useless miner.’ The cryptographic algorithm it is designed for, CryptoNight, is mainly used by coins focused on privacy. Monero, the most widely used privacy coin based on CryptoNight, has already proclaimed it will tweak its technology to avoid being minable…
A picture got my PostgreSQL database to start mining Monero We just saw an interesting attack technique applied to one of our PostgreSQL servers. After logging into the database, the attacker continued to create different payloads, implement evasion techniques through embedded binaries in a downloaded image, extract payloads to disk and trigger remote code execution of these payloads. Like so many attacks we’ve witnessed lately,…
Hackers Are Stuffing DDoS Attacks with Monero Ransom Notes Security researchers at Akamai, the Internet performance company that helped Github fight off the attack, told Fortune they’ve noticed something novel in some of these recent attacks. Hackers have started stuffing the barrage of Internet traffic with ransom notes. Source: fortune…