Obama-Themed Ransomware Also Mines for Monero

Data Breach Today

More Proof Cryptojacking Is Thriving: Crypto-Locking Malware Doubles as Miner. Ransomware creators, having already created "themes" for their crypto-locking malware ranging from Pokemon and horror movies to princesses and Donald Trump, have now debuted "Barack Obama" ransomware.

Government Websites Deliver Cryptocurrency Mining Code

Data Breach Today

and Australian governments, have been turning their visitors' computers into mining machines to harvest the virtual currency Monero. The security lapse continues the recent trend of cryptocurrency mining malware overtaking ransomware

Cryptojacking Displaces Ransomware as Top Malware Threat

Data Breach Today

Criminals' Quest for Cryptocurrency Continues. If 2017 was the year of ransomware innovation, 2018 is well on its way to being known as the year of cryptocurrency mining malware. But while ransomware campaigns may be down, they're far from out

EVRAZ operations in North America disrupted by Ryuk ransomware

Security Affairs

Computer systems at EVRAZ, a multinational vertically integrated steel making and mining company, have been hit by Ryuk ransomware. EVRAZ is one of the world’s largest multinational vertically integrated steel making and mining companies with headquarters in London.

Cryptojacking: Hackers Mining Bitcoin on Your Dime!

InfoGoTo

When cryptojacking, criminal hackers use enterprise computers to mine cryptocurrencies like bitcoin without the organization’s knowledge or consent, escaping the upfront costs of buying computers or computer processing power for the job. Cryptojacking has already replaced ransomware as the No. 1 threat facing enterprises; cryptojacking is more profitable and requires less effort and risk than ransomware, according to ITProPortal and Forbes.

Will cryptocurrency mining soon saturate AWS, Microsoft Azure and Google Cloud?

The Last Watchdog

Related: Why cryptojacking is more insidious than ransomware. On the face, the damage caused by cryptojacking may appear to be mostly limited to consumers and website publishers who are getting their computing resources diverted to mining fresh units of Monero, Ethereum and Bytecoin on behalf of leeching attackers. However, closer inspection reveals how cryptojacking morphed out of the ransomware plague of 2015 and 2016. You can mine them, if you have a powerful CPU.

The City of Durham shut down its network after Ryuk Ransomware attack

Security Affairs

The City of Durham, North Carolina, is the latest victim of the infamous Ryuk ransomware, which infected its systems. The City of Durham, North Carolina, was forced to shut down its network after its systems were infected with the Ryuk ransomware during the weekend.

Old Malware Gives Criminals Tricky New Choice: Ransomware or Mining

Threatpost

The Rakhni Trojan is now giving bad actors the ability to infect victims either with a ransomware cryptor or a miner.

The Long Run of Shade Ransomware

Security Affairs

Since the beginning of the year, security firms observed a new intense ransomware campaign spreading the Shade ransomware. Between January and February, a new, intense, ransomware campaign has been observed by many security firms. Table 1: shade ransomware informations.

XBash Malware Packs Double Punch: Destroys Data and Mines for Crypto Coins

Threatpost

A newly discovered malware has different capabilities for Windows and Linux systems, including ransomware and cryptomining.

Ransomware, Trojan and Miner together against “PIK-Group”

Security Affairs

Security expert Marco Ramilli analyzed a new piece of malware apparently designed to target PIK-Group that implements ransomware, Trojan, and Miner capabilities. The second stage drops and executes three additional modules: a backdoor, a Miner and finally a quite known Ransomware.

Ransomware, Leakware, Scareware… Oh My!

Thales eSecurity

Because the never-ending battle against the evil forces of the dark web continues with regard to ransomware and its ghoulish close cousins – leakware and scareware. Actors on the dark web, hiding behind their dark masks of anonymity, continue to brew their devilish ransomware potions.

Crypto Miners May Be the ‘New Payload of Choice’ for Attackers

Threatpost

Crypto mining botnets provide a stealthy way to generate big bucks, without the downsides of ransomware.

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs

Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. The report’s findings reveal that email remains the main method of delivering ransomware, banking Trojans, and backdoors.

Ransomware attacks drop as organizations raise defenses

Information Management Resources

Cybersecurity professionals reporting that cryptocurrency mining is on the rise.

MY TAKE: The no. 1 reason ransomware attacks persist: companies overlook ‘unstructured data’

The Last Watchdog

One reason for the enduring waves of ransomware is that unstructured data is easy for hackers to locate and simple for them to encrypt. But with no orderly internal framework, unstructured data defies data mining tools. Ransomware target. Gartner analysts estimate that over 80 percent of enterprise data is unstructured and is growing up to 65 percent a year, enticing cyber criminals to mine the mother lode. Ransomware “is encrypting files, unstructured data.”

Malware Leveraging PowerShell Grew 432% in 2017

Dark Reading

Cryptocurrency mining and ransomware were other major threats

Weekly podcast: Australian Cabinet Files, Matt Hancock MP’s app and Monero mining

IT Governance

Finally, have we reached ‘peak ransomware’? After all, why lock users’ machines and demand a ransom that they might not even pay when you can just infect their machine with software that mines for cryptocurrency without their knowledge? Wait a moment – cryptocurrency mining? Let’s just say mining entails solving complex mathematical calculations for a cryptocurrency reward and it requires a lot of processing power because it’s complicated.

Zyxel Fixes 0day in Network Storage Devices

Krebs on Security

Patch comes amid active exploitation by ransomware gangs. “In some cases, it is possible to exchange your 0day with my existing 0day, or sell mine,” his Russian-language profile reads.

Malware Moves: Attackers Retool for Cryptocurrency Theft

Data Breach Today

New and Repurposed Attack Code Steals Passwords, Drops Miners and Ransomware. Cybercrime gangs continue to update or issue fresh versions of malware to mine for cryptocurrency, deliver crypto-locking ransomware, steal passwords and facilitate online bank account heists, according to new research reports.

New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms

Security Affairs

Palo Alto Network researchers discovered a new malware, tracked as XBash, that combines features from ransomware, cryptocurrency miners, botnets, and worms. The malicious code combines features from different families of malware such as ransomware, cryptocurrency miners, botnets, and worms.

Kaspersky Deems Crypto-jacking the New Ransomware as Crypto-miners up Their Game

The Security Ledger

Because of its potential to earn hackers millions in a steady stream of cash, Kaspersky Labs has deemed crypto-jacking the new ransomware in a report that arrived just as researchers spotted two new types of malware targeting the growing popularity of cryptocurrencies. In its report released last Wednesday, Kaspersky declared that crypto-mining.

Report: Small, Stealthy Groups Behind Worst Cybercrimes

The Security Ledger

Still, low-level criminal activity on the dark web still poses the most widespread and immediate security threat, with cryptocurrency mining, ransomware and malware all on the rise, a recent report has found.

ZombieBoy, a new Monero miner that allows to earn $1,000 on a monthly basis

Security Affairs

A security researcher discovered a new crypto mining worm dubbed ZombieBoy that leverages several exploits to evade detection. The ZombieBoy miner leverages several exploits, including: CVE-2017-9073, RDP vulnerability on Windows XP and Windows Server 2003.

List of data breaches and cyber attacks in August 2019 – 114.6 million records leaked

IT Governance

French police ‘neutralize’ Monero mining virus as it spreads worldwide (850,000). Ransomware. Ransomware strain targets German organisations, wipes files (unknown). Oklahoma-based Broken Arrow school system hit by ransomware (unknown).

Hacking Police Bodycams

Schneier on Security

Surprising no one, the security of police bodycams is terrible. Mitchell even realized that because he can remotely access device storage on models like the Fire Cam OnCall, an attacker could potentially plant malware on some of the cameras.

Cybersecurity Awareness Month Blog Series: Alright boys, it’s time we have “The Talk”

Thales eSecurity

With a little more investigation, I found two browser extensions that were crypto mining, which fortunately uninstalled without a problem. My high schooler fessed up immediately that he installed the crypto mining extensions just to see what would happen (and to make some money).

Q&A: Here’s why Android users must remain vigilant about malicious apps, more so than ever

The Last Watchdog

Chrysaidos: In addition to evolving adware and spyware, bad actors in previous years tried to monetize through locking the mobile device, and then scaring the user into paying a ransom to unlock it – that kind of malware is called ransomware. Ransomware evolved into cryptomining, in which the device is stealthily used to participate in the mining of cryptocurrencies, with the coins delivered to the threat actor.

Hackers abuse BitBucket to infect 500K+ hosts with arsenal of malware

Security Affairs

The arsenal of attackers includes data stealers, cryptocurrency miners, and ransomware, that literally hit victims from all sides. STOP Ransomware: The STOP Ransomware is used to ransom the file system and is based on an open source ransomware platform.

List of data breaches and cyber attacks in February 2018

IT Governance

Instead, cyber criminals seem to have shifted their focus to ransomware. Ransomware works because it relies on users’ lax security practices. Cyber attack and ransomware. Ransomware attacks hit two Ontario children’s aid societies.

Security Affairs newsletter Round 223 – News of the week

Security Affairs

Emsisoft released a free decryptor for the Ims00rry ransomware. DoppelPaymer, a fork of BitPaymer Ransomware, appeared in the threat landscape. Israel surveillance firm NSO group can mine data from major social media. A new round of the weekly SecurityAffairs newsletter arrived!

French Police remotely disinfected 850,000 PCs from RETADUP bot

Security Affairs

The Retadup bot has been around since at least 2015, it was involved in several malicious campaigns aimed at delivering malware such as information stealers, ransomware and miners.

Graboid the first-ever Cryptojacking worm that targets Docker Hub

Security Affairs

Graboid is the first-ever Cryptojacking worm found in images on Docker Hub, the analysis conducted by the experts shows that, on average, each miner is active 63% of the time, with the mining periods being of 250 seconds.

Security Affairs newsletter Round 203 – News of the week

Security Affairs

B0r0nt0K ransomware demands $75,000 ransom to the victims. CoinHive Cryptocurrency Mining Service will shut down on March 8, 2019. Ransomware, Trojan and Miner together against PIK-Group. A new round of the weekly SecurityAffairs newsletter arrived!

MY TAKE: Why DDoS weapons will proliferate with the expansion of IoT and the coming of 5G

The Last Watchdog

They are also extending their malicious activities beyond DDoS attacks to also spread ransomware, crypto mine and burrow deep into large enterprises. A couple of high-profile distributed denial-of-service (DDoS) attacks will surely go down in history as watershed events – each for different reasons. Related: IoT botnets now available for economical DDoS blasts.

Security Affairs newsletter Round 173 – News of the week

Security Affairs

A new round of the weekly SecurityAffairs newsletter arrived! The best news of the week with Security Affairs.

SHARED INTEL: Here’s one way to better leverage actionable intel from the profusion of threat feeds

The Last Watchdog

Or it could be a botnet node carrying out tasks to destroy or exfiltrate data; or to put the attacker in a position to take over industrial controls, or to encrypt targeted assets as part of a ransomware caper. “We Many hosts within the network can be infected and it may not show up, but we’re able to identify the host’s IP address that might be, say, exfiltrating data or performing other malicious acts such as crypto mining, etc.”

Microsoft warns of more disruptive BlueKeep attacks and urges patch installation

Security Affairs

A new wave of attacks could exploit the vulnerability to spread more dangerous and destructive malware, like ransomware or spyware. Microsoft is warning once again of more BlueKeep attacks that could deliver disruptive payloads and urges organizations to patch their systems.

Weekly podcast: Browsealoud cryptojacking, Bee Token phishing and Olympic attacks

IT Governance

This week, we discuss the use of cryptocurrency mining software on numerous government websites, a phishing scam that robbed Bee Token investors of $1 million and cyber attacks on the Pyeongchang Winter Olympics.

GUEST ESSAY: What your company should know about addressing Kubernetes security

The Last Watchdog

Under attackers’ control, enterprise Kubernetes deployments are being used to distribute ransomware, perform cryptomining, breach sensitive data, and other nefarious and damaging activities. The recent Tesla crypto-mining attack used an unprotected Kubernetes console to gain access to the underlying servers. Kubernetes is one of many key enabling technologies of digital transformation that has tended to remain obscure to non-technical company decision makers.
