
Atlassian Confluence bug CVE-2022-26134 exploited in cryptocurrency mining campaign

Security Affairs

Threat actors are targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign. Trend Micro researchers warn of an ongoing crypto mining campaign targeting Atlassian Confluence servers affected by the CVE-2022-26134 vulnerability. The gap is being abused for malicious cryptocurrency mining.


Crooks spread malware via pirated movies during COVID-19 outbreak

Security Affairs

We saw an active coin miner campaign that inserts a malicious VBScript into ZIP files posing as movie downloads. — Microsoft Security Intelligence (@MsftSecIntel) April 28, 2020. Experts observed an ongoing coin miner campaign that injects a malicious VBScript into ZIP files posing as movie downloads. Pierluigi Paganini.


New NRSMiner cryptominer NSA-Linked EternalBlue Exploit

Security Affairs

” reads the analysis published by F-Secure. The new version of NRSMiner updates existing infections by downloading new modules and removing files and services installed by previous versions. This malicious code first installs a service named snmpstorsrv, with snmpstorsrv.dll registered as servicedll. traduires[.]com


Crooks exploit exposed Docker APIs to build AESDDoS botnet

Security Affairs

When a running container is spotted, the AESDDoS bot is then deployed using the docker exec command, which allows shell access to all applicable running containers within the exposed host. “The output of this command is saved into a file named ips.txt, which is then fed into the Docker.exe file.” Pierluigi Paganini.


Outlaw is Back, a New Crypto-Botnet Targets European Organizations

Security Affairs

The Outlaw Botnet uses brute force and SSH exploit (exploit Shellshock Flaw and Drupalgeddon2 vulnerability) to achieve remote access to the target systems, including server and IoT devices. The Access Logs include requests coming from different source IP addresses with a delay of about 30 seconds from each other. Technical Analysis.


BlackSquid malware uses multiple exploits to drop cryptocurrency miners

Security Affairs

Security experts at Trend Micro have discovered a new Monero cryptomining miner, dubbed BlackSquid, that is targeting web servers, network drives, and removable drives. “This malware, which we named BlackSquid after the registries created and main component file names, is particularly dangerous for several reasons.”


Ransomware, Trojan and Miner together against “PIK-Group”

Security Affairs

Security expert Marco Ramilli analyzed a new piece of malware apparently designed to target PIK-Group that implements ransomware, Trojan, and Miner capabilities. So I clicked on the link (see IOC section) and I’ve downloaded a “pik.zip” file. According to zcashnetwork the attacker’s wallet received from mining activity 4.89