
The latest variant of the RapperBot botnet adds cryptojacking capabilities

Security Affairs

ssh/authorized_keys, anyone with the corresponding private key can authenticate the SSH server without supplying a password. Initially, they deployed and executed a separate Monero miner alongside the usual RapperBot binary, but starting from January 2023, they included the mining capabilities in the bot.” continues the report.


Security Affairs newsletter Round 318

Security Affairs

Every week the best security articles from Security Affairs free for you in your email box. The post Security Affairs newsletter Round 318 appeared first on Security Affairs. A new round of the weekly SecurityAffairs newsletter arrived! If you want to also receive for free the international press subscribe here.


Cryptomining DreamBus botnet targets Linux servers

Security Affairs

“These techniques include numerous modules that exploit implicit trust, weak passwords, and unauthenticated remote code execution (RCE) vulnerabilities in popular applications, including Secure Shell (SSH), IT administration tools, a variety of cloud-based applications, and databases.” Ransomware, data theft).


Highly evasive cryptocurrency miner targets macOS

Security Affairs

At the time of its discovery, the sample analyzed by the experts was not labeled as malicious by any security vendors on VirusTotal. This malware relies on the i2p (Invisible Internet Project) anonymization network for communication. Today, many malicious applications continue to go undetected by most AV vendors.


Vulnerability Recap 6/10/24 – RCE Attacks in Major Platforms

eSecurity Planet

Threats like DarkGate’s switch to AutoHotkey, the Muhstik botnet’s Apache RocketMQ exploits, and Chinese hackers targeting ThinkPHP applications also showed the significance of proactive security. Quickly fix, upgrade, and secure your systems to maintain resilience against these increasing threats. 17)C0 for NAS326 and 5.21(ABAG.14)C0


GoDaddy Employees Used in Attacks on Multiple Cryptocurrency Services

Krebs on Security

And in May of this year, GoDaddy disclosed that 28,000 of its customers’ web hosting accounts were compromised following a security incident in Oct. 17 was not related to a security incident, but rather a technical issue that materialized during planned network maintenance. 2019 that wasn’t discovered until April 2020.


DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Security Affairs

The Windows botnet has been active since late 2017; it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. “Recently, a new infection vector that cracks Windows machines through SMB password brute force is on the rise” reads the analysis published by AVAST.” continues the report.
