Google Removes Fake Crypto-Mining Apps

Data Breach Today

Researchers Say Users Paid Fees for Fake Mining Services Google has removed eight fake crypto-mining apps from its Play Store, but security researchers have flagged 120 similar apps still available on the store, according to Trend Micro.

Mining 229

Malicious Docker Images Used to Mine Monero

Data Breach Today

Images on Docker Hub Contained Cryptominers A recently uncovered cryptomining scheme used malicious Docker images to hijack organizations’ computing resources to mine cryptocurrency, according to the cybersecurity firm Aqua Security

Mining 228
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Monero Mining Botnet Targets PostgreSQL Database Servers

Data Breach Today

Researchers: 'PGMiner' Malware Uses Brute-Force Methods to Guess Passwords Researchers with Palo Alto Networks' Unit 42 are tracking a relatively new cryptomining botnet called "PGMiner," which is targeting PostgreSQL database servers to illegally mine for monero.

Mining 228

Is Cryptocurrency-Mining Malware Due for a Comeback?

Data Breach Today

But if the viability of ransomware as a criminal business model should decline, expect those attackers to quickly embrace something else, such as illicitly mining for cryptocurrency If Ransomware Should Decline as a Viable Criminal Business Model, What Comes Next?

Mining 252

Atlassian Confluence bug CVE-2022-26134 exploited in cryptocurrency mining campaign

Security Affairs

Threat actors are targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign. Trend Micro researchers warn of an ongoing crypto mining campaign targeting Atlassian Confluence servers affected by the CVE-2022-26134 vulnerability.

Mining 108

Hackers Used Malicious Docker Images to Mine Monero

Data Breach Today

Researchers Found Images on Docker Hub That Contained Cryptominers A recently uncovered cryptomining scheme used malicious Docker images to hide cryptocurrency mining code, according to an analysis from Palo Alto Networks' Unit 42

Mining 236

Botnet Designed to Mine Virtual Currency Shut Down

Data Breach Today

The botnet's main purpose was mining monero cryptocurrency ESET: 'VictoryGate' Infected 35,000 Devices VictoryGate, a recently discovered botnet that infected about 35,000 devices with malware, has been disabled by researchers from security firm ESET.

Mining 209

What’s the difference between data mining and text mining?

OpenText Information Management

Even though data mining and text mining are often seen as complementary analytic processes that solve business problems through data analysis, they differ on the type of data they handle. While data mining handles structured data – highly formatted data such as in databases or ERP systems – text mining deals with unstructured textual data … The post What’s the difference between data mining and text mining?

The Family That Mined the Pentagon's Data for Profit

WIRED Threat Level

The Freedom of Information Act helps Americans learn what the government is up to. The Poseys exploited it—and became unlikely defenders of transparency. Backchannel Security / National Security Security / Privacy

Mining 106

Token-Mining Weakness in Microsoft Teams Makes for Perfect Phish

Dark Reading

Access tokens for other Teams users can be recovered, allowing attackers to move from a single compromise to the ability to impersonate critical employees, but Microsoft isn't planning to patch

New Golang-Based Worm Targets Servers to Mine Monero

Data Breach Today

Researchers Say Recently Uncovered Malware Targets Windows and Linux Researchers at the security firm Intezer have detected a new Golang-based worm that is targeting Windows and Linux servers with monero cryptomining malware

Mining 177

Zoom Removes Data-Mining LinkedIn Feature

Threatpost

The feature, criticized for "undisclosed data-mining," is only the latest privacy faux pas for Zoom this month. Privacy Vulnerabilities Web Security Data Mining Data security disabled LinkedIn linkedin feature navigator public response removes Security issues zoom zoom data zoom security

Blue Mockingbird Monero-Mining campaign targets web apps

Security Affairs

Crooks exploit CVE-2019-18935 deserialization vulnerability to achieve remote code execution in Blue Mockingbird Monero-Mining campaign. Each payload comes compiled with a standard list of commonly used Monero-mining domains alongside a Monero wallet address,” continues the analysis. “So

New Malware Hijacks Cryptocurrency Mining

Schneier on Security

After gaining control of the coin-mining software, the malware replaces the wallet address the computer owner uses to collect newly minted currency with an address controlled by the attacker. This is a clever attack. From then on, the attacker receives all coins generated, and owners are none the wiser unless they take time to manually inspect their software configuration. So far it hasn't been very profitable, but it -- or some later version -- eventually will be.

Mining 110

Crypto-mining campaign targets Kubeflow installs on a large scale

Security Affairs

Microsoft uncovered a malicious campaign targeting Kubeflow workloads to deploy TensorFlow pods that are used to mine cryptocurrency. Microsoft researchers uncovered a malicious campaign targeting Kubeflow workloads to deploy TensorFlow pods that are used to mine for cryptocurrency.

Mining 105

Crypto Mining Service Coinhive to Call it Quits

Krebs on Security

com , a cryptocurrency mining service that has been heavily abused to force hacked Web sites to mine virtual currency. Coinhive took a whopping 30 percent of the cut of all Monero currency mined by its code, and this presented something of a conflict of interest when it came to stopping the rampant abuse of its platform. Trouble was, killing the key did nothing to stop Coinhive’s code from continuing to mine Monero on a hacked site.

Mining 167

Child Predators Mine Twitch to Prey on Kids

WIRED Threat Level

Plus: A leaked trove illuminates Russia’s internet regulator, a report finds Facebook and Instagram violated Palestinian rights, and more. Security Security / Security News

Ngrok Mining Botnet

Security Affairs

Additionally, the campaign is sophisticated in seeking to detect, analyse and neutralise other competing crypto-mining malware. I’ve been following the Monero mining pool address used in the Ngrok campaign and regularly checking for other research references on the internet. Firstly nearly all attacks observed were Crypto-mining attackers. Enumerate all processes and immediately kill any that meet a pre-defined kill list (other mining processes).

Government Websites Deliver Cryptocurrency Mining Code

Data Breach Today

and Australian governments, have been turning their visitors' computers into mining machines to harvest the virtual currency Monero. The security lapse continues the recent trend of cryptocurrency mining malware overtaking ransomware Security of Code Pushed by Content Delivery Networks Remains Ongoing Concern More than 4,200 websites, some belonging to the U.S.,

Mining 109

Process mining and visualization steer digital transformation

DXC

Through process mining and visualization, organizations can identify things such as key bottlenecks and look for ways to deal with those troubling pinch points. The post Process mining and visualization steer digital transformation appeared first on DXC Blogs.

UnityMiner targets unpatched QNAP NAS in cryptocurrency mining campaign

Security Affairs

Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. The mining program is composed of unity_install.sh The malware was designed to abuse NAS resources and mine cryptocurrency.

Mining 104

Cryptominer ELFs Using MSR to Boost Mining Process

Security Affairs

The Uptycs Threat Research Team recently observed Golang-based worm dropping cryptominer binaries which use the MSR (Model Specific Register) driver to disable hardware prefetchers and increase the speed of the mining process by 15%.

Mining 101

Attackers are abusing GitHub infrastructure to mine cryptocurrency

Security Affairs

The popular code repository hosting service GitHub is investigating a crypto-mining campaign abusing its infrastructure. Code repository hosting service GitHub launched an investigation in a series of attacks aimed at abusing its infrastructure to illicitly mine cryptocurrency.

Hacked MicroTik Routers Serve Cryptocurrency-Mining Malware

Data Breach Today

Researchers: Attackers Have Compromised More Than 209,000 Routers Attackers have targeted a patched vulnerability to exploit more than 209,000 carrier-grade routers made by Latvian manufacturer MicroTik and infect them with two types of malware - Coinhive and Crypto-Loot - designed to mine for cryptocurrency, security researchers say

Mining 103

Hospital Hit With Cryptocurrency Mining Malware

Data Breach Today

Do healthcare entities face a growing risk of being hit with cryptocurrency mining attacks, which have become more common in other sectors? Are More Healthcare Sector Entities at Risk? A Tennessee hospital may be the first victim in the sector, and some security experts predict many more such incidents

Mining 109

Is social media being mined for insider threats?

OpenText Information Management

Not that long-ago, social media was the “new kid on the block,” something we used to share photos with distant family members, comment … The post Is social media being mined for insider threats? This blog is co-authored by Annie John and Todd Cernetic.

Lemon Duck Cryptocurrency-Mining Botnet Activity Spikes

Threatpost

Researchers warn of a spike in the cryptocurrency-mining botnet since August 2020. Vulnerabilities Web Security AMD attack spike bluekeep botnet brute force Cisco Talos COVID-19 Cryptocurrency cryptomining DNS GTX lemon duck Linux Monero Nvidia RDP Windows

Prometei, a new modular crypto-mining botnet exploits Windows SMB

Security Affairs

Prometei is a crypto-mining botnet that recently appeared in the threat landscape, it exploits the Microsoft Windows SMB protocol for lateral movements. move laterally across systems while covertly mining for cryptocurrency. .

Microsoft Defender uses Intel TDT technology against crypto-mining malware

Security Affairs

Cryptojacking malware allows threat actors to secretly mine for cryptocurrency abusing computational resources of the infected devices. The post Microsoft Defender uses Intel TDT technology against crypto-mining malware appeared first on Security Affairs.

Pacha Group declares war to rival crypto mining hacking groups

Security Affairs

Two hacking groups associated with large-scale crypto mining campaigns, Pacha Group and Rocke Group , wage war to compromise as much as possible cloud-based infrastructure. Researchers at Intezer Labs continued to monitor this cybercrime group and discovered that it is also targeting cloud-based environments and working to disrupt operations of other crypto-mining groups, such as the Rocke Group.

Ghost Blogging Platform Hacked To Mine Cryptocurrency

Adam Levin

Hackers successfully breached the servers of a popular blogging platform and used them to mine cryptocurrency. As of May 4, Ghost announced that it had successfully purged the cryptocurrency mining malware from its systems.

Google bans cryptocurrency mining apps from the official Play Store

Security Affairs

Google has updated the Play Store Developer Policy page to ban mobile mining apps that mine cryptocurrencies using the computational resources of the devices. Following Apple’s decision of banning cryptocurrency mining apps announced in June, also Google has updated the Play Store Developer Policy page to ban mobile apps that mine cryptocurrencies using the computational resources of the devices. Securi ty Affairs – mining apps, Google).

Court Rules in Favor of Mining LinkedIn User Data

Adam Levin

A federal appellate court ruled that mining and aggregating user data publicly posted to social media sites is allowable by law. In an opinion released earlier this month, the 9th Circuit U.S.Court of Appeals upheld an injunction against employment-centric social network LinkedIn from blocking access to hiQ, a data mining company that sells aggregated user information. . The post Court Rules in Favor of Mining LinkedIn User Data appeared first on Adam Levin.

Tennessee Hospital Hit With Cryptocurrency Mining Malware

Dark Reading

Decatur County General Hospital is notifying 24,000 patients of cryptocurrency mining software on its EMR system

PGMiner, Innovative Monero-Mining Botnet, Surprises Researchers

Threatpost

The malware takes aim at PostgreSQL database servers with never-before-seen techniques. Cloud Security Malware Vulnerabilities botnet cryptomining CVE-2019-9193 database servers Linux Malware analysis Monero Palo Alto PGMiner PostgreSQL RCE remote code execution security vulnerability Unit 42

3 new steps in the data mining process to ensure trustworthy AI

IBM Big Data Hub

To help data scientists reflect and identify possible ethical concerns the standard process for data mining should include 3 additional steps: data risk assessment, model risk assessment and production monitoring.

Data Mining and Predictive Analytics

Import.IO

What is data mining? Is there a difference between data mining and predictive analytics? The post Data Mining and Predictive Analytics appeared first on Import.io.

Hijacking Computers for Cryptocurrency Mining

Schneier on Security

Interesting paper " A first look at browser-based cryptojacking ": Abstract : In this paper, we examine the recent trend towards in-browser mining of cryptocurrencies; in particular, the mining of Monero through Coinhive and similar code-bases. In this model, a user visiting a website will download a JavaScript code that executes client-side in her browser, mines a cryptocurrency, typically without her consent or knowledge, and pays out the seigniorage to the website.

New study looks at the top trends in data mining and analytics

Information Management Resources

Data mining can help enterprises identify anomalies, patterns, and correlations within large unstructured data sets to predict business outcomes. Analytics Data management Data mining

2021 Predictions Are Foolhardy – Here Are Four of Mine

KnowBe4

The post 2021 Predictions Are Foolhardy – Here Are Four of Mine appeared first on MediaPRO.