Ghost Blogging Platform Hacked To Mine Cryptocurrency

Adam Levin

Hackers successfully breached the servers of a popular blogging platform and used them to mine cryptocurrency. As of May 4, Ghost announced that it had successfully purged the cryptocurrency mining malware from its systems.

Court Rules in Favor of Mining LinkedIn User Data

Adam Levin

A federal appellate court ruled that mining and aggregating user data publicly posted to social media sites is allowable by law. It also limits the definition of “unauthorized access” to content protected behind a password or some other means of authorization.

Q&A: Crypto jackers redirect illicit mining ops to bigger targets — company servers

The Last Watchdog

Illicit crypto mining is advancing apace. It began when threat actors began stealthily embedding crypto mining functionality into the web browsers of unwitting individuals. Related article: Illicit crypto mining hits cloud services. Cybercriminals have shifted their focus to burrowing onto company servers and then redirecting those corporate computing resources to crypto mining chores. Arsene: It’s important to understand that crypto mining may seem benign.

Will cryptocurrency mining soon saturate AWS, Microsoft Azure and Google Cloud?

The Last Watchdog

On the face, the damage caused by cryptojacking may appear to be mostly limited to consumers and website publishers who are getting their computing resources diverted to mining fresh units of Monero, Ethereum and Bytecoin on behalf of leeching attackers. You can mine them, if you have a powerful CPU. Or you can hijack other people’s computers to do the mining. LW: I can’t really use my MacBook to mine Bitcoin, can I?

Malware Moves: Attackers Retool for Cryptocurrency Theft

Data Breach Today

New and Repurposed Attack Code Steals Passwords, Drops Miners and Ransomware. Cybercrime gangs continue to update or issue fresh versions of malware to mine for cryptocurrency, deliver crypto-locking ransomware, steal passwords and facilitate online bank account heists, according to new research reports.

The Trouble with Politicians Sharing Passwords

Troy Hunt

In this case, that secret is her password and, well, just read it: My staff log onto my computer on my desk with my login everyday. To be fair to Nadine, she's certainly not the only one handing her password out to other people. In fact I often forget my password and have to ask my staff what it is. Passwords are regularly changed. There is no need to share your password for them to access your email.

E-Verify’s “SSN Lock” is Nothing of the Sort

Krebs on Security

After verifying my email address, I was asked to pick a strong password and select a form of multi-factor authentication (MFA). Password reset questions selected, the site proceeded to ask four, multiple-guess “knowledge-based authentication” questions to verify my identity.

Guy Fawkes Day – LulzSec Italy hit numerous organizations in Italy

Security Affairs

Included in the breaches were Italy’s National Research Center, The Institute for Education Technologies, the ILIESI Institute for the European Intellectual Lexicon, National Mining Office for Hydrocarbons and Geo-resources, Ministry of Economic Development, State Police Association, Fratelli D’Italia, Lega Nord Trentino, Partito Democratico Siena, TV Trentino, Technapoli Equitalia, State Archives S.I.A.S. 1 Username and Password In Database itd_cp: [link].

How to Keep Your WFH Employees Safe From new Cybersecurity Attacks

InfoGoTo

After entering our username and password, the site sends a text message to a mobile phone or requires the use of a third-party authenticator app. LastPass’s 2019 Global Password Security Report found that 57% now use it, up from 45% just a year ago.

Experts saw 100k+ daily brute-force attacks on RDP during COVID-19 lockdown

Security Affairs

ESET researchers also said the attackers attempt to exploit RDP connections to try to install coin-mining malware or create a backdoor. Require strong and complex passwords for all accounts that can be logged into via RDP.

A backdoor mechanism found in tens of Ruby libraries

Security Affairs

The backdoor was used by attackers to inject mining code in Ruby projects using the malicious versions of the libraries. Every time the method gets called it will send the email/password to the attacker.”

New strain of Clipsa malware launches brute-force attacks on WordPress sites

Security Affairs

Avast spotted a new strain of Clipsa malware that is used to mine and steal cryptocurrencies along with carrying out brute-force attacks on WordPress sites. The ability to launch brute-force attacks is unusual for a password stealer, as explained by Jan Rubín, a malware researcher at Avast.

US Journalist Detained When Returning to US

Schneier on Security

After I gave him the password to my iPhone, Moncivias spent three hours reviewing hundreds of photos and videos and emails and calls and texts, including encrypted messages on WhatsApp, Signal, and Telegram. Nothing on mine was spared.

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

The end game for this particular hacking ring is to install crypto currency mining routines on compromised Linux servers. Use a password manager. It’s clear that we will continue to be reliant on usernames and passwords to access online services for some time to come. This means using strong passwords — and changing them frequently — will remain a vital best security practice.

Cryptojacking campaign uses Shodan to scan for Docker hosts to hack

Security Affairs

“The script then calls a Monero coin-mining binary, darwin (detected as PUA.Linux.XMRMiner.AA), to run in the background. As with all cryptocurrency miners, it uses the resources of the host system to mine cryptocurrency (Monero in this instance) without the owner’s knowledge.”

Weekly Update 197

Troy Hunt

I'm literally surrounded by broken pieces of half finished repairs. My office is usually a pretty organised place so it's kinda frustrating, but then I'm replacing equipment that's seen up to a decade or more of solid use so that's not a bad run.

Data of Indian defence contractor Bharat Earth Movers Limited (BEML) available online

Security Affairs

The company manufactures a variety of heavy equipment (bulldozers, dump trucks, hydraulic excavators, wheel loaders, rope shovels, walking draglines, motor graders and scrapers), such as that used for earthmoving, transport and mining.

Vollgar botnet has managed to infect around 3k MSSQL DB servers daily

Security Affairs

Cybersecurity researchers spotted a crypto-mining botnet, tracked as Vollgar, that has been hijacking MSSQL servers since at least 2018. Researchers at Guardicore Labs discovered a crypto-mining botnet, tracked as Vollgar botnet, that has been targeting MSSQL databases since 2018.

Hackers target Docker servers to deploy the new Kinsing cryptocurrency miner

Security Affairs

Experts uncovered a hacking campaign that is breaching Docker clusters to deploy a new crypto-mining malware tracked as Kinsing.

For nearly a year, Brazilian users have been targeted with router attacks

Security Affairs

“Malware then guesses routers’ passwords, which new research from Avast shows are often weak.” Avast researchers also observed crooks using DNS hijacking to deliver crypto mining scripts to users’ browsers.

ARES ADB IOT Botnet targets Android Set Top Boxes (STB) and TVs

Security Affairs

In June, Trend Micro discovered an Android crypto-currency mining botnet that can spread via open ADB (Android Debug Bridge) ports and Secure Shell (SSH). Ares bot also scans for other Android systems running Telnet services and attempts to crack passwords protecting them.

Beapy Cryptojacking campaign leverages EternalBlue exploit to spread

Security Affairs

Experts reported that the Beapy malware also uses the popular post-exploitation tool Mimikatz to steal passwords from Windows systems. Unlike Coinhive, Beapy is a file-based miner that must be installed by attackers on the victims’ machines in order to mine cryptocurrency.

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Krebs on Security

Before it was taken offline sometime in the past 12 hours, the database contained millions of records, including the username, password and private encryption key of each mSpy customer who logged in to the mSpy site or purchased an mSpy license over the past six months.

Cryptomining Campaign involves Golang malware to target Linux servers

Security Affairs

“The malware campaign propagates using 7 different methods: 4 web application exploits (2 targeting ThinkPHP, 1 targeting Drupal, and 1 targeting Confluence), SSH credentials enumeration, Redis database passwords enumeration, and also trying to connect other machines using found SSH keys.”

Modular Cryptojacking malware uses worm abilities to spread

Security Affairs

and also the system weak password to spread, using the vulnerability intrusion set with ElasticSearch, Hadoop, Redis, Spring, Weblogic, ThinkPHP and SqlServer server machines, after the invasion using the victim machine to dig the Monroe currency.”

“Stole $24 Million But Still Can’t Keep a Friend”

Krebs on Security

David said Truglia initially explained his wealth by saying he’d made the money by mining cryptocurrencies, but that Truglia later would admit he stole the funds. However, many online services let customers reset their password merely by using their mobile phones.

CookieMiner Mac Malware steals browser cookies and sensitive Data

Security Affairs

“It also steals saved passwords in Chrome. CookieMiner configures the compromised systems to load coinmining software that appears like an XMRIG-type miner, but that mines Koto, a lesser popular cryptocurrency associated with Japan.

Evolution of threat landscape for IoT devices – H1 2018

Security Affairs

In the first half of 2018, researchers at Kaspersky Lab said that the most popular attack vector against IoT devices remains cracking Telnet passwords (75,40%), followed by cracking SSH passwords (11,59%).

VASCO rebrands as OneSpan, makes acquisition, to support emerging mobile banking services

The Last Watchdog

No one liked the use case where you typed in a password from a hardware dongle into your mobile application. LaSala: When mobile fraud first started, hackers tried to steal as many usernames and passwords as they could. What we’re seeing is they’re going in and taking a bank’s good application and wrapping a crypto currency mining app around it. LW: It’s the actual banking app, wrapped up with a crypto mining functionality on it?

How To Protect Yourself From Hackers

Cyber Info Veritas

These Trojans have the ability to steal your web browser history and inputs even as they use your computing power to mine cryptocurrencies. This type of Trojan is very recent and runs covertly in the background; the only thing you will note is your computer lagging.

XMR crypto miner switches from arm IoT devices to X86/I686 Intel servers

Security Affairs

“I suspect it’s probably a derivate of other IoT crypto mining botnets,” Cashdollar told The Register. “Unsecured services with unpatched vulnerabilities or weak passwords are prime targets for exploitation and abuse.

Expect More Spam Calls and SIM-Card Scams: 400 Million Phone Numbers Exposed

Adam Levin

As much as I love this one friend of mine, nothing is private when we’re together. You probably have a friend like this.

Security Affairs newsletter Round 223 – News of the week

Security Affairs

Israel surveillance firm NSO group can mine data from major social media. Slack resetting passwords for roughly 1% of its users. A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs.

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs

The first half of 2019 saw a 10-fold increase in the number of password-protected objects, such as documents and archive files, being used to deliver malware. In 2017, password-protected archives accounted for only 0.08% of all malicious objects.

Outlaw is Back, a New Crypto-Botnet Targets European Organizations

Security Affairs

This directory contains the crypto mining module named kswapd0. This component has two main functions: Install a cryptoMiner worker: The main purpose of this elf file is the instantiation of a crypto-mining worker.

Experts found a new powerful modular Linux cryptominer

Security Affairs

downloads and starts its own Monero-mining operation. Linux.BtcMine.174 also downloads and executes with the ability to steal user-entered passwords for the su command and to hide files in the file system, network connections, and running processes. Security experts from Russian antivirus firm Dr.Web have discovered a new strain of Linux cryptominer tracked as Linux.BtcMine.174.

Law enforcement seized WeLeakInfo.com for selling access to data from data breaches

Security Affairs

Data breach notification services like WeLeakInfo are a mine for threat actors that could gather information on their targets before launching a cyber attack. The FBI has seized the WeLeakInfo.com websites for selling subscriptions to data that were exposed in data breaches.

Skidmap Linux miner leverages kernel-mode rootkits to evade detection

Security Affairs

The crypto-miner sets up a secret master password that it uses to access any user account on the system. A case in point: the way Skidmap can also set up a secret master password that gives it access to any user account in the system.”

Hackers abuse BitBucket to infect 500K+ hosts with arsenal of malware

Security Affairs

“Cybereason is following an active campaign to deliver an arsenal of malware that is able to steal data, mine for cryptocurrency, and deliver ransomware to victims all over the world.

Ethical Hackers: A Business’s Best Friend?

Thales eSecurity

The four key methods of an ethical hacker include: Monitoring: They’ll monitor a company to understand the data it creates and stores and where any sensitive data is — the gold mine hackers are after. Originally published in Forbes on July 29, 2019.