Browsing tag
Cybersecurity researchers have discovered an intricate multi-stage attack that leverages invoice-themed phishing decoys to deliver a wide range of malware such as Venom RAT, Remcos RAT, XWorm, NanoCore RAT, and a stealer that targets crypto wallets. The email messages come with Scalable Vector Graphics (SVG) file attachments that, when clicked, activate the infection sequence, Fortinet […]
Bogus installers for Adobe Acrobat Reader are being used to distribute a new multi-functional malware dubbed Byakugan. The starting point of the attack is a PDF file written in Portuguese that, when opened, shows a blurred image and asks the victim to click on a link to download the Reader application to view the content. […]
A critical security flaw has been disclosed in a popular WordPress plugin called Ultimate Member that has more than 200,000 active installations. The vulnerability, tracked as CVE-2024-1071, carries a CVSS score of 9.8 out of a maximum of 10. Security researcher Christiaan Swiers has been credited with discovering and reporting the flaw. In an advisory […]
A novel malware campaign has been observed targeting Redis servers for initial access with the ultimate goal of mining cryptocurrency on compromised Linux hosts. “This particular campaign involves the use of a number of novel system weakening techniques against the data store itself,” Cado security researcher Matt Muir said in a technical report. The cryptojacking […]
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned that more than 2,000 computers in the country have been infected by a strain of malware called DirtyMoe. The agency attributed the campaign to a threat actor it calls UAC-0027. DirtyMoe, active since at least 2016, is capable of carrying out cryptojacking and distributed denial-of-service […]
The threat actors associated with the 8220 Gang have been observed exploiting a high-severity flaw in Oracle WebLogic Server to propagate their malware. The security shortcoming is CVE-2020-14883 (CVSS score: 7.2), a remote code execution bug that could be exploited by authenticated attackers to take over susceptible servers. “This vulnerability allows remote authenticated attackers to […]
The recently disclosed critical security flaw impacting Apache ActiveMQ is being actively exploited by threat actors to distribute a new Go-based botnet called GoTitan as well as a .NET program known as PrCtrl Rat that’s capable of remotely commandeering the infected hosts. The attacks involve the exploitation of a remote code execution bug (CVE-2023-46604, CVSS […]
A new cryptojacking campaign has been uncovered targeting vulnerable Docker and Kubernetes infrastructures as part of opportunistic attacks designed to illicitly mine cryptocurrency. Cybersecurity company CrowdStrike dubbed the activity Kiss-a-dog, with its command-and-control infrastructure overlapping with those associated with other groups like TeamTNT, which are known to strike misconfigured Docker and Kubernetes instances. The intrusions, […]
Microsoft is warning of a new variant of the srv botnet that’s exploiting multiple security flaws in web applications and databases to install coin miners on both Windows and Linux systems. The tech giant, which has called the new version Sysrv-K, is said to weaponize an array of exploits to gain control of web servers. […]
Digital forensics specialists report a new attack method consisting of the use of WAV audio files to hide and deliver backdoors and software for the mining of the Monero cryptocurrency on infected systems. Other variants of this method injected malware by hiding their payloads in JPEG or PNG image files using steganography, a technique widely […]
The cryptocurrencies fever has led many interested parties to commit crazy acts in order to make a profit easily and without spending too many resources. Network security experts report that Ukrainian authorities are investigating a potential security breach related to the mining of virtual assets at a nuclear power plant. The incident occurred at the […]
An estimated 2 million cyberattacks took place in 2018 costing more than $45 billion in damages worldwide. The worse part is that while cyberattacks are surging authorities are struggling to tackle the growing threat, said study released on Tuesday. Ransomware attacks According to the Internet Society’s Online Trust Alliance (OTA), which compiles data from the […]
If you download pirated content from torrent platforms, you can be a victim of this Mac malware. There is a new variant of cryptomining malware that is specifically targeting Apple’s Mac devices and those users who prefer downloading pirated software from torrent platforms. Dubbed Bird Miner by researchers; this cryptocurrency mining malware is actually a […]
A group of web application security experts from Trend Micro firm have detected a hacking campaign against Oracle WebLogic Server implementations to install malicious cryptocurrency mining software. Hackers exploit a vulnerability to install the miner bypassing the detection of system administrators. The National Vulnerability Database (NVD) published last April the security alert regarding a severe […]
After a long time, the cryptocurrency mining script known as Coinhive has finally ceased to be a problem for system administrators and website visitors. However, cryptojacking remains one of the main cybersecurity threats. Specialists in IT security services have discovered a new malware variant that takes advantage of the victims’ hardware to mine virtual assets. […]
Website security audits specialists have detected a long-range cryptojacking campaign; it is reported that the threat actors behind this campaign, allegedly Chinese hackers, have already infected more than 50k servers in less than four months. Researchers have dubbed this campaign of attacks as “Nansh0u” because of a string of text files on the attacker’s servers; […]
What is Cryptojacking? It is an attack in which hackers secretly utilize the computing power of your device to mine cryptocurrency – The cybercrime climate is flexible enough to quickly adapt to new circumstances and trends. The fact that cryptocurrency markets skyrocketed in the past several years has encouraged malicious actors to find ways of getting on […]
Ransomware played havoc in 2017, and later in 2019, we all thought that hackers have moved on to crypto jacking, which is a fast and reliable revenue source. Not done, because cybersecurity experts believe that IT managers should still worry about ransomware because attackers are one step ahead. They keep innovating new ways to evade […]
Due to hard detection and easy execution of the attack, 2018 has seen excessive crypto mining malware. Cryptojacking attacks are based on cryptocurrency mining software injection into thousands of devices, leveraging its processing capabilities to extract the digital assests without the user’s consent. As a result, the victims’ computer equipment slows down, as well as […]
According to a new report, around 415,000 routers throughout the world are infected with malware having the potential to steal computer resources and discreetly mine for the cryptocurrency. The campaign is an active one and it primarily targets MikroTik routers. Researchers claim that the cryptojacking attacks started in August and in the first string of […]
Virus infection, ransomware, phishing or cryptojacking malware are not the only techniques that cybercriminals used to earn money from their victims, a classic case of crimes works too. One such successful technique is extortion, a pure threat against someone’s information in exchange for money. This classic scam, when used through an Internet medium such as […]