mastodon.ie

1 post1 participant0 posts today

OTX BotMining in Plain Sight: The VS Code Extension Cryptojacking CampaignA sophisticated cryptomining campaign has been discovered targeting developers through seemingly legitimate VS Code extensions. The campaign, potentially reaching over one million installations, involves fake extensions published by three different authors. These extensions secretly download a PowerShell script that disables Windows security, establishes persistence, and installs an XMRig cryptominer. The most successful fake extension gained 189K installs. The attackers created a multi-stage attack, even installing legitimate extensions they impersonated to avoid suspicion. The campaign published ten different malicious extensions, with the top three showing unusually high install counts, suggesting artificial inflation. The extensions share identical code and communicate with the same C2 server. The PowerShell script sets up persistence mechanisms, disables Windows security services, and attempts privilege escalation.Pulse ID: 67f4ffb4bf1e842db102d8bd Pulse Link: <a href="https://otx.alienvault.com/pulse/67f4ffb4bf1e842db102d8bd" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://otx.alienvault.com/pulse/67f4ffb4bf1e842db102d8bd</a> Pulse Author: AlienVault Created: 2025-04-08 10:51:32Be advised, this data is unverified and should be considered preliminary. Always do further verification.<a href="https://social.raytec.co/tags/CryptoJacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoJacking</a> <a href="https://social.raytec.co/tags/CryptoMiner" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoMiner</a> <a href="https://social.raytec.co/tags/CryptoMining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoMining</a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OTX</a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenThreatExchange</a> <a href="https://social.raytec.co/tags/PowerShell" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PowerShell</a> <a href="https://social.raytec.co/tags/SMS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SMS</a> <a href="https://social.raytec.co/tags/Windows" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Windows</a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bot</a> <a href="https://social.raytec.co/tags/developers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#developers</a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AlienVault</a>

ResearchBuzz: FirehoseTom’s Hardware: Bitcoin miners front-running tariffs by scrambling to ship thousands of machines before penalties hit. “Luxor Technology, a Bitcoin mining software and services company building machines in Thailand, is in a quandary: It needs to ship 5,600 units before the tariffs hit. Lauren Lin, Head of Technology at Luxor, told Bloomberg that they’re considering chartering a flight to […]<a href="https://rbfirehose.com/2025/04/05/toms-hardware-bitcoin-miners-front-running-tariffs-by-scrambling-to-ship-thousands-of-machines-before-penalties-hit/" class="" rel="nofollow noopener noreferrer" target="_blank">https://rbfirehose.com/2025/04/05/toms-hardware-bitcoin-miners-front-running-tariffs-by-scrambling-to-ship-thousands-of-machines-before-penalties-hit/</a>

Calishat<a href="https://researchbuzz.masto.host/tags/cryptocurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptocurrency</a> <a href="https://researchbuzz.masto.host/tags/cryptomining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptomining</a> <a href="https://researchbuzz.masto.host/tags/tariffs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tariffs</a> <a href="https://www.tomshardware.com/tech-industry/cryptomining/bitcoin-miners-front-running-tariffs-by-scrambling-to-ship-thousands-of-machines-before-penalties-hit" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.tomshardware.com/tech-industry/cryptomining/bitcoin-miners-front-running-tariffs-by-scrambling-to-ship-thousands-of-machines-before-penalties-hit</a>

IT NewsBitcoin miners front-running tariffs by scrambling to ship thousands of machines before penalties hit - Before tariffs apply, bitcoin mining hardware manufacturers... - <a href="https://www.tomshardware.com/tech-industry/cryptomining/bitcoin-miners-front-running-tariffs-by-scrambling-to-ship-thousands-of-machines-before-penalties-hit" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.tomshardware.com/tech-industry/cryptomining/bitcoin-miners-front-running-tariffs-by-scrambling-to-ship-thousands-of-machines-before-penalties-hit</a> <a href="https://schleuss.online/tags/cryptocurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptocurrency</a> <a href="https://schleuss.online/tags/cryptomining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptomining</a> <a href="https://schleuss.online/tags/techindustry" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#techindustry</a>

Bytes EuropeTrump Brothers Help Launch Crypto-Mining Venture <a href="https://www.byteseu.com/881563/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.byteseu.com/881563/</a> <a href="https://pubeurope.com/tags/bitcoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bitcoin</a> <a href="https://pubeurope.com/tags/BitcoinMining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BitcoinMining</a> <a href="https://pubeurope.com/tags/blockchain" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#blockchain</a> <a href="https://pubeurope.com/tags/Crypto" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Crypto</a> <a href="https://pubeurope.com/tags/CryptoMining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoMining</a> <a href="https://pubeurope.com/tags/Cryptocurrencies" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cryptocurrencies</a> <a href="https://pubeurope.com/tags/CryptoCurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoCurrency</a> <a href="https://pubeurope.com/tags/DigitalAssets" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DigitalAssets</a> <a href="https://pubeurope.com/tags/DonaldTrump" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DonaldTrump</a> <a href="https://pubeurope.com/tags/DonaldTrumpJr" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DonaldTrumpJr</a>. <a href="https://pubeurope.com/tags/EricTrump" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#EricTrump</a> <a href="https://pubeurope.com/tags/Hut8" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Hut8</a> <a href="https://pubeurope.com/tags/News" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#News</a> <a href="https://pubeurope.com/tags/partnerships" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#partnerships</a> <a href="https://pubeurope.com/tags/PYMNTSNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PYMNTSNews</a> <a href="https://pubeurope.com/tags/What" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#What</a>'sHot

ResearchBuzz: FirehoseBBC: Bitcoin in the bush – the crypto mine in remote Zambia. “Water and electronic equipment don’t usually mix well but it’s precisely the proximity to the river that’s drawn bitcoiners here. Philip [Walton]’s mine is plugged directly into a hydro-electric power plant that channels some of the Zambezi’s torrent through enormous turbines to generate continuous, clean electricity. More […]<a href="https://rbfirehose.com/2025/03/28/bbc-bitcoin-in-the-bush-the-crypto-mine-in-remote-zambia/" class="" rel="nofollow noopener noreferrer" target="_blank">https://rbfirehose.com/2025/03/28/bbc-bitcoin-in-the-bush-the-crypto-mine-in-remote-zambia/</a>

Calishat<a href="https://researchbuzz.masto.host/tags/Africa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Africa</a> <a href="https://researchbuzz.masto.host/tags/Zambia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Zambia</a> <a href="https://researchbuzz.masto.host/tags/cryptocurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptocurrency</a> <a href="https://researchbuzz.masto.host/tags/cryptomining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptomining</a> "Water and electronic equipment don't usually mix well but it's precisely the proximity to the river that's drawn bitcoiners here. Philip [Walton]'s mine is plugged directly into a hydro-electric power plant that channels some of the Zambezi's torrent through enormous turbines to generate continuous, clean electricity. More importantly for bitcoin mining - it's cheap."<a href="https://www.bbc.com/news/articles/cly4xe373p4o" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bbc.com/news/articles/cly4xe373p4o</a>

Bytes EuropePi Network cryptocurrency crashes 55%: Pi Coin price falls below $1.5 as KYC deadline looms—Can Binance listing help? <a href="https://www.byteseu.com/820997/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.byteseu.com/820997/</a> <a href="https://pubeurope.com/tags/Crypto" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Crypto</a> <a href="https://pubeurope.com/tags/CryptoAlerts" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoAlerts</a> <a href="https://pubeurope.com/tags/CryptoMining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoMining</a> <a href="https://pubeurope.com/tags/CryptoTrading" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoTrading</a> <a href="https://pubeurope.com/tags/CryptoCurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoCurrency</a> <a href="https://pubeurope.com/tags/CryptocurrencyPiNetwork" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptocurrencyPiNetwork</a> <a href="https://pubeurope.com/tags/PiCoin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PiCoin</a> <a href="https://pubeurope.com/tags/PiCoinKyc" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PiCoinKyc</a> <a href="https://pubeurope.com/tags/PiCoinKycLastDate" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PiCoinKycLastDate</a> <a href="https://pubeurope.com/tags/PiCoinPrice" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PiCoinPrice</a> <a href="https://pubeurope.com/tags/PiNetwork" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PiNetwork</a> <a href="https://pubeurope.com/tags/PiNetworkPrice" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#PiNetworkPrice</a>

DoomsdaysCWNew partnership to bring <a href="https://kolektiva.social/tags/nuclear" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#nuclear</a> technology to a <a href="https://kolektiva.social/tags/CryptoMining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoMining</a> plant in <a href="https://kolektiva.social/tags/NorthTonawanda" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NorthTonawanda</a>Story by Prabhat Ranjan Mishra, January 8, 2025"A new collaboration between the two companies could bring nuclear technology to a crypto-mining plant in North Tonawanda.The memorandum of understanding signed between Digihost and <a href="https://kolektiva.social/tags/NANONuclear" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NANONuclear</a> in December is aimed at bringing nuclear reactor technology to the <a href="https://kolektiva.social/tags/Digihost" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Digihost</a>’s current crypto mining plant in <a href="https://kolektiva.social/tags/ErieAvenue" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ErieAvenue</a>."Read more: <a href="https://www.msn.com/en-us/technology/tech-companies/new-partnership-to-bring-nuclear-technology-to-a-crypto-mining-plant-in-north-tonawanda/ar-AA1xbZub" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.msn.com/en-us/technology/tech-companies/new-partnership-to-bring-nuclear-technology-to-a-crypto-mining-plant-in-north-tonawanda/ar-AA1xbZub</a> <a href="https://kolektiva.social/tags/NoNukesForAI" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NoNukesForAI</a> <a href="https://kolektiva.social/tags/CryptoCurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoCurrency</a> <a href="https://kolektiva.social/tags/NoNukes" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NoNukes</a> <a href="https://kolektiva.social/tags/NuclearWaste" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NuclearWaste</a> <a href="https://kolektiva.social/tags/Terminator" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Terminator</a> <a href="https://kolektiva.social/tags/NewYorkState" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NewYorkState</a>

Simon Roses FemerlingIs crypto mining still a thing? <a href="https://infosec.exchange/tags/cryptocurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptocurrency</a> <a href="https://infosec.exchange/tags/CryptoMining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoMining</a>

IT NewsYearlong supply-chain attack targeting security pros steals 390K credentials - A sophisticated and ongoing supply-chain attack operating for the past yea... - <a href="https://arstechnica.com/security/2024/12/yearlong-supply-chain-attack-targeting-security-pros-steals-390k-credentials/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://arstechnica.com/security/2024/12/yearlong-supply-chain-attack-targeting-security-pros-steals-390k-credentials/</a> <a href="https://schleuss.online/tags/supplychainattacks" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#supplychainattacks</a> <a href="https://schleuss.online/tags/credentialtheft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#credentialtheft</a> <a href="https://schleuss.online/tags/cryptomining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptomining</a> <a href="https://schleuss.online/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://schleuss.online/tags/biz" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#biz</a>⁢ <a href="https://schleuss.online/tags/github" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#github</a> <a href="https://schleuss.online/tags/npm" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#npm</a>

Pyrzout :vm:“CP3O” pleads guilty to multi-million dollar cryptomining scheme – Source: www.bitdefender.com <a href="https://ciso2ciso.com/cp3o-pleads-guilty-to-multi-million-dollar-cryptomining-scheme-source-www-bitdefender-com/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://ciso2ciso.com/cp3o-pleads-guilty-to-multi-million-dollar-cryptomining-scheme-source-www-bitdefender-com/</a> <a href="https://social.skynetcloud.site/tags/rssfeedpostgeneratorecho" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#rssfeedpostgeneratorecho</a> <a href="https://social.skynetcloud.site/tags/CyberSecurityNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurityNews</a> <a href="https://social.skynetcloud.site/tags/grahamcluleycom" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#grahamcluleycom</a> <a href="https://social.skynetcloud.site/tags/cryptocurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptocurrency</a> <a href="https://social.skynetcloud.site/tags/cryptomining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptomining</a> <a href="https://social.skynetcloud.site/tags/Grahamcluley" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Grahamcluley</a> <a href="https://social.skynetcloud.site/tags/Guestblog" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Guestblog</a> <a href="https://social.skynetcloud.site/tags/Law%E2%84%B4" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Lawℴ</a> <a href="https://social.skynetcloud.site/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> <a href="https://social.skynetcloud.site/tags/Amazon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Amazon</a>

Pyrzout :vm:“CP3O” pleads guilty to multi-million dollar cryptomining scheme <a href="https://www.bitdefender.com/en-us/blog/hotforsecurity/cp3o-pleads-guilty-to-multi-million-dollar-cryptomining-scheme" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bitdefender.com/en-us/blog/hotforsecurity/cp3o-pleads-guilty-to-multi-million-dollar-cryptomining-scheme</a> <a href="https://social.skynetcloud.site/tags/cryptocurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptocurrency</a> <a href="https://social.skynetcloud.site/tags/cryptomining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptomining</a> <a href="https://social.skynetcloud.site/tags/Guestblog" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Guestblog</a> <a href="https://social.skynetcloud.site/tags/Law%E2%84%B4" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Lawℴ</a> <a href="https://social.skynetcloud.site/tags/Microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Microsoft</a> <a href="https://social.skynetcloud.site/tags/Amazon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Amazon</a>

ITSEC News“CP3O” pleads guilty to multi-million dollar cryptomining scheme - A man faces up to 20 years in prison after pleading guilty to charges related to an illeg... <a href="https://www.bitdefender.com/en-us/blog/hotforsecurity/cp3o-pleads-guilty-to-multi-million-dollar-cryptomining-scheme" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bitdefender.com/en-us/blog/hotforsecurity/cp3o-pleads-guilty-to-multi-million-dollar-cryptomining-scheme</a> <a href="https://schleuss.online/tags/cryptocurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptocurrency</a> <a href="https://schleuss.online/tags/cryptomining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptomining</a> <a href="https://schleuss.online/tags/guestblog" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#guestblog</a> <a href="https://schleuss.online/tags/law%E2%84%B4" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#lawℴ</a> <a href="https://schleuss.online/tags/microsoft" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#microsoft</a> <a href="https://schleuss.online/tags/amazon" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#amazon</a>

Manuel BisseyAn unknown attacker is abusing exposed Docker Remote API servers to deploy perfctl <a href="https://cyberplace.social/tags/cryptomining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptomining</a> <a href="https://cyberplace.social/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a> on victims' systems 🤖👩‍💻<a href="https://go.theregister.com/feed/www.theregister.com/2024/10/24/perfctl_malware_strikes_again/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://go.theregister.com/feed/www.theregister.com/2024/10/24/perfctl_malware_strikes_again/</a>

Pyrzout :vm:New Crypto Trojan.AutoIt.1443 Hits 28,000 Users via Game Cheats, Office Tool <a href="https://hackread.com/trojan-autoit-1443-hits-users-game-cheats-office-tool/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hackread.com/trojan-autoit-1443-hits-users-game-cheats-office-tool/</a> <a href="https://social.skynetcloud.site/tags/TrojanAutoIt1443" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TrojanAutoIt1443</a> <a href="https://social.skynetcloud.site/tags/Cryptocurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cryptocurrency</a> <a href="https://social.skynetcloud.site/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://social.skynetcloud.site/tags/Cryptomining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cryptomining</a> <a href="https://social.skynetcloud.site/tags/CyberAttack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberAttack</a> <a href="https://social.skynetcloud.site/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://social.skynetcloud.site/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://social.skynetcloud.site/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.skynetcloud.site/tags/Scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Scam</a>

OTX BotSIEM agent being used in SilentCryptoMiner attacksA global malware campaign targeting mainly Russian-speaking users has been distributing cryptocurrency mining malware through fake software download sites, Telegram channels, and YouTube videos. The multi-stage infection chain uses unusual techniques for persistence and evasion, including hiding malicious payloads in legitimate file signatures and abusing the Wazuh SIEM agent as a backdoor. The final payload injects the SilentCryptoMiner into explorer.exe to mine cryptocurrencies like Monero. The attackers use SEO poisoning, social engineering, and multiple persistence mechanisms to maintain access. While primarily focused on cryptomining, some variants can also steal cryptocurrency wallet addresses and take screenshots.Pulse ID: 6703a4b33a02dffbd52f2427 Pulse Link: <a href="https://otx.alienvault.com/pulse/6703a4b33a02dffbd52f2427" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://otx.alienvault.com/pulse/6703a4b33a02dffbd52f2427</a> Pulse Author: AlienVault Created: 2024-10-07 09:06:59Be advised, this data is unverified and should be considered preliminary. Always do further verification.<a href="https://social.raytec.co/tags/BackDoor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#BackDoor</a> <a href="https://social.raytec.co/tags/CryptoMiner" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoMiner</a> <a href="https://social.raytec.co/tags/CryptoMining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoMining</a> <a href="https://social.raytec.co/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CyberSecurity</a> <a href="https://social.raytec.co/tags/InfoSec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#InfoSec</a> <a href="https://social.raytec.co/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> <a href="https://social.raytec.co/tags/OTX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OTX</a> <a href="https://social.raytec.co/tags/OpenThreatExchange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenThreatExchange</a> <a href="https://social.raytec.co/tags/Russia" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Russia</a> <a href="https://social.raytec.co/tags/SEOPoisoning" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SEOPoisoning</a> <a href="https://social.raytec.co/tags/SMS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SMS</a> <a href="https://social.raytec.co/tags/SocialEngineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SocialEngineering</a> <a href="https://social.raytec.co/tags/Telegram" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Telegram</a> <a href="https://social.raytec.co/tags/YouTube" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#YouTube</a> <a href="https://social.raytec.co/tags/bot" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bot</a> <a href="https://social.raytec.co/tags/cryptocurrency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptocurrency</a> <a href="https://social.raytec.co/tags/AlienVault" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#AlienVault</a>

securityaffairsNew <a href="https://infosec.exchange/tags/Perfctl" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Perfctl</a> <a href="https://infosec.exchange/tags/Malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Malware</a> targets <a href="https://infosec.exchange/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> servers in <a href="https://infosec.exchange/tags/cryptomining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptomining</a> campaign <a href="https://securityaffairs.com/169351/malware/perfctl-malware-targets-misconfigured-linux-servers.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://securityaffairs.com/169351/malware/perfctl-malware-targets-misconfigured-linux-servers.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a>

Anonymous 🐈️🐾☕🍵🏴🇵🇸 :af:🔥 Selenium Grid Targeted for <a href="https://kolektiva.social/tags/CryptoMining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#CryptoMining</a>!Default no-auth settings make it a prime target for attackers injecting crypto miners and proxyjacking scripts.<a href="https://thehackernews.com/2024/09/exposed-selenium-grid-servers-targeted.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://thehackernews.com/2024/09/exposed-selenium-grid-servers-targeted.html</a>Lock it down now!

securityaffairsThreat actors exploit <a href="https://infosec.exchange/tags/Atlassian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Atlassian</a> <a href="https://infosec.exchange/tags/Confluence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Confluence</a> bug in <a href="https://infosec.exchange/tags/cryptomining" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cryptomining</a> campaigns <a href="https://securityaffairs.com/167813/cyber-crime/atlassian-confluence-data-center-confluence-server-cryptocurrency-mining-campaigns.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://securityaffairs.com/167813/cyber-crime/atlassian-confluence-data-center-confluence-server-cryptocurrency-mining-campaigns.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hacking</a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#malware</a>

Recent searches

Search options

Administered by:

Server stats:

#cryptomining