16 Apr 2021

Attackers Target ProxyLogon Exploit to Install Cryptojacker

Compromised Exchange servers were targeted by threat actors to host malicious Monero cryptominer. Any unpatched exchange servers are now vulnerable to Cryptojacking in the ProxyLogon exploit. The Exchange servers were compromised and were infected with ransomware and webshells to host Monero. The exploit is referred to as the ProxyLogon exploit.

Read More
09 Apr 2021

Washington State educational organizations targeted in cryptojacking spree

Palo Alto Networks recently released an advisory warning that several recent crypto-jacking incidents have targeted education institutions in Washington State. Crypto-jacking is a type of cyberattack in which attackers use deception tactics to install cryptocurrency mining components that leech off of computational power without being noticed or detected. Different types

Read More
26 Feb 2021

National Lab Creates Technology to Detect Cryptocurrency Mining Malware

The Idaho National Laboratory has crafted technology that can successfully detect cryptocurrency mining malware and is now seeking an external partner with the appropriate expertise to bring it to market. The technology detects hidden malware that exploits infected computing systems’ resources to mine digital currencies, according to the national lab.

Read More
08 Jan 2020

Cryptojacking Drops by 78% in Southeast Asia After INTERPOL Action

After intervention coordinated by the International Criminal Police Organization (INTERPOL), the number of routers infected with coin miners in Southeast Asia dropped by 78%. INTERPOL is an inter-governmental organization that joins police forces from 194 countries in combating crime in various regions across the globe. INTERPOL’s operation in Southeast Asia

Read More
27 Nov 2019

‘Dexphot’: A Sophisticated, Everyday Threat

A new report by Microsoft detailing the evolution of the Dexphot cryptomining malware highlights how even more everyday cyber threats are getting increasingly sophisticated. Dexphot was first detected in October of last year and has compromised tens of thousands of machines since then. While Dexphot has received relatively little attention,

Read More
08 Nov 2019

Microsoft Warns of More Harmful Windows BlueKeep Attacks, Patch Now

Research by Microsoft shows that the new campaign in which attackers exploit RDP instances vulnerable to the BlueKeep vulnerability in order to install cryptojacking malware, is likely tied to a cryptojacking campaign observed in September of this year. BlueKeep is a critical remote code execution flaw affecting RDP services on

Read More
04 Nov 2019

The First BlueKeep Mass Hacking Is Finally Here—but Don’t Panic

Threat actors are actively exploiting the critical BlueKeep flaw that impacts Remote Desktop Protocol (RDP) implementations on unpatched older Windows operating systems. Microsoft and other companies have warned that the flaw, tracked as CVE-2019-0708, is very dangerous because it could be used by attackers to carry out a massive attack

Read More
30 Oct 2019

The nastiest ransomware, phishing and botnets of 2019

According to a new Webroot report, the nastiest ransomware threat of 2019 was the Emotet – Trickbot – Ryuk attack chain that resulted in massive financial losses for targeted organizations. The Trickbot – Ryuk combination also features on the list separately, taking the second spot. Other top ransomware threats were

Read More
18 Oct 2019

European Airport Systems Infected With Monero-Mining Malware

Researchers with Cyberbit recently detected cryptojacking malware infections on over half of all computing systems at an undisclosed international airport in Europe. Cryptojacking refers to the illegitimate use of a system’s resourcing powers for mining cryptocurrency. In this case, the malware was mining Monero cryptocurrency. The malware had made its

Read More
17 Oct 2019

.WAVs Hide Malware in Their Depths in Innovative Campaign

Security researchers with BlackBerry Cylance have spotted a new sophisticated campaign that spreads cryptojacking malware and a backdoor via .WAV audio files. The malware is embedded in the audio data and loaded when an infected file is played. Some of the malicious audio samples played music without glitches, while others

Read More