Keep Your Home Warm with this cryptomining heater

By Waqas Recently, a French startup Quarnot introduced a cryptomining heater that This is a post from HackRead.com Read the original post: Keep Your Home Warm with this cryptomining heater...

Cryptomining is all the rage among hackers, as DDoS amplification attacks continue

In this week’s InfoSec news review we’ll dive into cryptomining, get the latest on DDoS amplification, go over recent data breaches, and check out another vendor claiming it can crack iPhones. I, me, mine The freight train that’s cryptomining shows no sign of slowing down, and the cyber security...

RedisWannaMine Unveiled: New Cryptojacking Attack Powered by Redis and NSA Exploits

Recently cryptojacking attacks have been spreading like wildfire. At Imperva we have witnessed it firsthand and even concluded that these attacks hold roughly 90% of all remote code execution attacks in web applications. Having said that, all of the attacks we have seen so far, were somewhat...

Week in security (February 26 – March 4)

Last week on Malwarebytes Labs, we explained how to protect your computer from malicious cryptomining, we gave an encryption 101 lesson using ShiOne ransomware as a case study, and we offered an explanation about SQL injection. We also released a report on the state of malicious cryptomining from...

Cryptomining Gold Rush: One Gang Rakes In $7M Over 6 Months

The bloom is on the criminal cryptomining of computer resources and the reason is obvious – it’s lucrative. One cryptomining gang tracked by researchers over the past six months minted $7 million with the help of 10,000 computers infected with mining malware. The rise of malicious cryptomining...

Cryptomining Rules Endpoints Around Me (Get the Monero)

If you know me then you know how much I love the Wu. You also know how much I love infosec. I thought this particular topic worthy to marry the two. The Saga Continues for the ownership of endpoints. Organizations purchase them, manage them, update, support, and protect them. However, the bad...

Mirai Variant ‘OMG’ Turns IoT Devices into Proxy Servers for Cryptomining

By Waqas Mirai IoT bot malware is one such piece of malicious This is a post from HackRead.com Read the original post: Mirai Variant 'OMG' Turns IoT Devices into Proxy Servers for Cryptomining...

How to protect your computer from malicious cryptomining

Noticing that your computer is running slow? While sometimes a telltale sign of infection, these days that seems doubly true. And the reason is: malicious cryptomining. So, what, exactly, is it? We'll tell you how bad this latest malware phenomenon is for you and your computer, plus what you can ...

The state of malicious cryptomining

While cryptocurrencies have been around for a long time and used for legitimate purposes, online criminals have certainly tarnished their reputation. Unfortunately, the same benefits offered by these decentralized and somewhat anonymous digital currencies were quickly abused to extort money, as w...

A week in security (February 12 – February 18)

Last week on Malwarebytes Labs, we looked at a huge Android cryptomining campaign, malicious apps on Google Play, and some Apple scams doing the rounds. We also explored the world of healthcare security, and dived into the land of scammy Valentine's Day tricks and cheats. Other news Thought the...

Flaw in Telegram Windows App Used for Cryptomining & Backdoor

By Waqas Another day, another popular app compromised to drop backdoor and conduct This is a post from HackRead.com Read the original post: Flaw in Telegram Windows App Used for Cryptomining & Backdoor...

Millions of Android Phones Hacked to Mine Monero Coins

By Waqas Newly Identified Drive-by Monero Cryptomining Campaign Targeted Millions of Android This is a post from HackRead.com Read the original post: Millions of Android Phones Hacked to Mine Monero Coins...

Unicode Technique Used to Deliver Cryptomining Malware Through Telegram

Attackers are using the time-tested right-to-left override technique to deliver cryptomining malware through the popular Telegram messaging application, say researchers. The right-to-left RLO technique uses Unicode to hide malicious file names and trick users into executing what appear to be beni...

A week in security (February 5 – February 11)

Last week on Malwarebytes Labs, we featured a new Flash Player zero-day that has been found in recent targeted attacks. And we talked about a new trick to cripple browsers that came out of the hat of tech support scammers. We also covered several methods of stealing cryptocurrencies, including on...

Drive-by cryptomining campaign targets millions of Android users

Malvertising and online fraud through forced redirects and Trojanized apps—to cite the two most common examples—are increasingly plaguing Android users. In many cases, this is made worse by the fact that people often don't use web filtering or security applications on their mobile devices. A...

A week in security (January 29 – February 04)

Last week on Labs, we looked into PUPs stealing and using mainstream logos of security and tech companies to further gain user trust, GandCrab and Scarab ransomware variants in the wild, and a new Mac malware called OSX.CreativeUpdater that can be distributed via MacUpdate. We also profiled...

Keylogger Campaign Returns, Infecting 2,000 WordPress Sites

Over 2,000 WordPress sites are infected with a malicious script that can deliver both a keylogger and the in-browser cryptocurrency miner CoinHive. Researchers at Sucuri who made the discovery, said the recent campaign is tied to threat actors behind a December 2017 campaign that infected over...

Presenting: Malwarebytes Labs 2017 State of Malware Report

2017 was a tumultuous year in politics, media, gender, race—and cybersecurity didn’t beat the rap. Last year was full of twists and turns in the cybercrime world, with major outbreaks, new infection methods, and the evolution of the cryptocurrency crime industry. In aiming to make sense of the...

Attackers Exploit Oracle WebLogic Flaw to Mine $266K in Monero

By Waqas Another day, another Monero cryptomining campaign and this time attackers exploited This is a post from HackRead.com Read the original post: Attackers Exploit Oracle WebLogic Flaw to Mine $266K in Monero...

RIG exploit kit campaign gets deep into crypto craze

There isn't a day that goes by without a headline about yet another massive spike in Bitcoin valuation, or a story about someone mortgaging their house to purchase the hardware required to become a serious cryptocurrency miner. If many folks are thinking about joining the 'crypto craze' movement,...