Blue Mockingbird Monero-Mining Campaign Exploits Web Apps

The cybercriminals are using a deserialization vulnerability, CVE-2019-18935, to achieve remote code execution before moving laterally through the enterprise. Continue reading Blue Mockingbird Monero-Mining Campaign Exploits Web Apps

A 35,000-device botnet in Peru is wounded, but still mining cryptocurrency

Cybersecurity researchers on Thursday said they had helped disrupt the infrastructure behind a botnet being powered by tens of thousands of devices in Peru. For months, the botnet — an army of compromised computers controlled by an attacker — had grown in strength by quietly infecting devices using USB drives, allowing the attackers to mine thousands of dollars in cryptocurrency. The infections reached the Peruvian public sector and financial institutions, adding urgency to the effort to defang it. Now, Slovakian anti-virus company ESET says it helped “sinkhole” — or render innocuous — about a quarter of the malicious subdomains used by the botnet. That means the infected machines will continue to mine cryptocurrency, but they won’t be able to receive more malicious instructions — such as injecting code onto devices— from whoever is controlling the botnet. (ESET said it had no indication that those code injections would happen.) It’s an example of how the fight […]

The post A 35,000-device botnet in Peru is wounded, but still mining cryptocurrency appeared first on CyberScoop.

Continue reading A 35,000-device botnet in Peru is wounded, but still mining cryptocurrency

Crazy cryptomining Cooking Mama rumours spread as game pulled from Nintendo Switch online store

This weekend rumours circulated that the Nintendo Switch video game “Cooking Mama: Cookstar” contained code that would secretly hijack the game console’s processing power to mine for cryptocurrency.
Probably not the kind of think you … Continue reading Crazy cryptomining Cooking Mama rumours spread as game pulled from Nintendo Switch online store

Cryptomining Malware Vivin Uses Pirated Software as Attack Vector

Vivin, a cryptomining malware that likes munching on Monero, is one of the many examples of such software roaming the dark corners of the Internet. Security researchers have been tracking it for the last couple of years, and it shows no sign of slowing… Continue reading Cryptomining Malware Vivin Uses Pirated Software as Attack Vector