Security Affairs

NOVEMBER 26, 2019

Security experts at Microsoft analyzed a new strain of cryptocurrency miner tracked as Dexphot that has been active since at least October 2018. The malicious code abuse of the resources of the infected machine to mine cryptocurrency , according to the experts it has already infected 80,000 computers worldwide.

File names 131

File names Encryption Mining Security 131

Security Affairs

JUNE 27, 2021

Researchers have discovered a strain of cryptocurrency-mining malware, tracked as Crackonosh, that abuses Windows Safe mode to avoid detection. . ” reads the analysis published by Avast. The final stage of the Crackonosh attack chain is the installation of the coinminer XMRig to mine the Monero (XMR) cryptocurrency.

Mining 118

Mining File names Security IT 118

Security Affairs

JUNE 15, 2019

” reads the analysis published by Trend Micro. “A batch file first executes the WinEggDrop scanner (s.exe), which tries port 2375 on various hosts with Chinese IP address ranges specified in the ip.txt file.” launching DDoS attacker, mining cryptocurrency, etc.). .” ” states the report.

File names 100

File names Mining Access Communications 100

Security Affairs

JUNE 5, 2019

“This malware, which we named BlackSquid after the registries created and main component file names, is particularly dangerous for several reasons.” “Simultaneous with its attacks, BlackSquid also downloads and executes two XMRig cryptocurrency-mining components.! continues the analysis.

Mining 64

Mining File names Libraries IT 64

Security Affairs

MAY 29, 2019

” continues the analysis. The payloads used in this campaign were droppers used to deliver a cryptocurrency miner to mine TurtleCoin cryptocurrency. Experts observed many payloads dropping a kernel-mode driver using ransom file names and placed them in AppData/Local/Temp.

File names 80

File names Mining Cybersecurity Security 80

Security Affairs

JULY 23, 2019

Recently, our threat monitoring operations pointed us to an interesting file named “ Lucio Dalla Discografia Completa ”: this file pretends to be a collection of the discography of a famous I talian singer, but it actually hides malicious intents. . Technical Analysis. Code Snippet 1: Copy of the files in a subfolder.

Archiving 75

Archiving Mining File names Risk 75

Security Affairs

JULY 22, 2020

Prometei is a crypto-mining botnet that recently appeared in the threat landscape, it exploits the Microsoft Windows SMB protocol for lateral movements. Security experts from Cisco Talos discovered a new crypto-mining botnet, tracked as Prometei, that exploits the Microsoft Windows SMB protocol for lateral movements.

Mining 96

Mining File names Passwords Communications 96