
Atlassian Confluence bug CVE-2022-26134 exploited in cryptocurrency mining campaign

Security Affairs

Threat actors are targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign. Trend Micro researchers warn of an ongoing crypto mining campaign targeting Atlassian Confluence servers affected by the CVE-2022-26134 vulnerability. ... in the collaboration tool Atlassian Confluence.


A new Linux Botnet abuses IaC Tools to spread and other emerging techniques

Security Affairs

A new Linux botnet uses Tor through a network of proxies using the Socks5 protocol, abuses legitimate DevOps tools, and employs other emerging techniques. Experts highlighted that this Linux botnet downloads all the files it needs from the Tor network, including legitimate binaries like ss, ps, and curl. ... for spreading. Pierluigi Paganini.


Crooks spread malware via pirated movies during COVID-19 outbreak

Security Affairs

Experts observed an ongoing coin miner campaign that injects a malicious VBScript into ZIP files posing as movie downloads. The campaign primarily targets users in Spain and South American countries, aims to launch a coin-mining shellcode directly in memory.” reads the Tweet published by the Microsoft Security Intelligence team.


Outlaw is Back, a New Crypto-Botnet Targets European Organizations

Security Affairs

Once the machine is fully compromised, the attacker will install a complete hacking suite, composed of an IRC bot, an SSH scanner, a bruteforce tool, and an XMRIG crypto-miner. When the machine is completely infected, the installed files are the following: Figure 2: Directory listing. The initial script is the file named “a”.


Crooks exploit exposed Docker APIs to build AESDDoS botnet

Security Affairs

Hackers are attempting to exploit an API misconfiguration in the open-source version of the popular DevOps tool Docker Engine-Community to infiltrate containers and run the Linux bot AESDDoS (Backdoor.Linux.DOFLOO.AA). “The output of this command is saved into a file named ips.txt, which is then fed into the Docker.exe file.


Nansh0u campaign already infected 50,000 MS-SQL and PHPMyAdmin Servers

Security Affairs

The payloads used in this campaign were droppers used to deliver a cryptocurrency miner to mine TurtleCoin cryptocurrency. Experts observed many payloads dropping a kernel-mode driver using random file names and placing them in AppData/Local/Temp. Some of the file servers deployed for this campaign are HFSs in Chinese.


Prometei, a new modular crypto-mining botnet exploits Windows SMB

Security Affairs

Prometei is a crypto-mining botnet that recently appeared in the threat landscape; it exploits the Microsoft Windows SMB protocol for lateral movement. Security experts from Cisco Talos discovered a new crypto-mining botnet, tracked as Prometei, that exploits the Microsoft Windows SMB protocol for lateral movement.
