Compromised Exchange servers were targeted by threat actors to host malicious Monero cryptominer. Any unpatched exchange servers are now vulnerable to Cryptojacking in the ProxyLogon exploit. The Exchange servers were compromised and were infected with ransomware and webshells to host Monero. The exploit is referred to as the ProxyLogon exploit.
Palo Alto Networks recently released an advisory warning that several recent crypto-jacking incidents have targeted education institutions in Washington State. Crypto-jacking is a type of cyberattack in which attackers use deception tactics to install cryptocurrency mining components that leech off of computational power without being noticed or detected. Different types
The Idaho National Laboratory has crafted technology that can successfully detect cryptocurrency mining malware and is now seeking an external partner with the appropriate expertise to bring it to market. The technology detects hidden malware that exploits infected computing systems’ resources to mine digital currencies, according to the national lab.
After intervention coordinated by the International Criminal Police Organization (INTERPOL), the number of routers infected with coin miners in Southeast Asia dropped by 78%. INTERPOL is an inter-governmental organization that joins police forces from 194 countries in combating crime in various regions across the globe. INTERPOL’s operation in Southeast Asia
A new report by Microsoft detailing the evolution of the Dexphot cryptomining malware highlights how even more everyday cyber threats are getting increasingly sophisticated. Dexphot was first detected in October of last year and has compromised tens of thousands of machines since then. While Dexphot has received relatively little attention,
Research by Microsoft shows that the new campaign in which attackers exploit RDP instances vulnerable to the BlueKeep vulnerability in order to install cryptojacking malware, is likely tied to a cryptojacking campaign observed in September of this year. BlueKeep is a critical remote code execution flaw affecting RDP services on
Threat actors are actively exploiting the critical BlueKeep flaw that impacts Remote Desktop Protocol (RDP) implementations on unpatched older Windows operating systems. Microsoft and other companies have warned that the flaw, tracked as CVE-2019-0708, is very dangerous because it could be used by attackers to carry out a massive attack
According to a new Webroot report, the nastiest ransomware threat of 2019 was the Emotet – Trickbot – Ryuk attack chain that resulted in massive financial losses for targeted organizations. The Trickbot – Ryuk combination also features on the list separately, taking the second spot. Other top ransomware threats were
Researchers with Cyberbit recently detected cryptojacking malware infections on over half of all computing systems at an undisclosed international airport in Europe. Cryptojacking refers to the illegitimate use of a system’s resourcing powers for mining cryptocurrency. In this case, the malware was mining Monero cryptocurrency. The malware had made its
Security researchers with BlackBerry Cylance have spotted a new sophisticated campaign that spreads cryptojacking malware and a backdoor via .WAV audio files. The malware is embedded in the audio data and loaded when an infected file is played. Some of the malicious audio samples played music without glitches, while others