224 matches found
Accidentally Crashing a Botnet
As part of our research into the cryptomining botnet kmsdbot, we rendered it useless...
The 8220 Cryptomining Gang massively expands Cloud Botnets
Threat Level Actor Report For a detailed advisory, download the pdf file here Summary The 8220 gang has significantly expanded their cloud bot armies around the world, targeting AWS, Azure, GCP, Alitun, and QCloud cloud service hosts. The group is being detected using a new version of the IRC...
This Cloud Botnet Has Hijacked 30,000 Systems to Mine Cryptocurrencies
The 8220 cryptomining group has expanded in size to encompass as many as 30,000 infected hosts, up from 2,000 hosts globally in mid-2021. "8220 Gang is one of the many low-skill crimeware gangs we continually observe infecting cloud hosts and operating a botnet and cryptocurrency miners through...
Over 1,200 NPM Packages Found Involved in "CuteBoi" Cryptomining Campaign
Researchers have disclosed what they say could be an attempt to kick-off a new large-scale cryptocurrency mining campaign targeting the NPM JavaScript package repository. The malicious activity, attributed to a software supply chain threat actor dubbed CuteBoi, involves an array of 1,283 rogue...
Microsoft Warns of Cryptomining Malware Campaign Targeting Linux Servers
A cloud threat actor group tracked as 8220 has updated its malware toolset to breach Linux servers with the goal of installing crypto miners as part of a long-running campaign. "The updates include the deployment of new versions of a crypto miner and an IRC bot," Microsoft Security Intelligence...
“Multiple adversaries” exploiting Confluence vulnerability, warns Microsoft
Microsoft has warned that "multiple adversaries and nation-state actors" are making use of the recent Atlassian Confluence RCE vulnerability. A fix is now available for CVE-2022-26134. It is essential users of Confluence address the patching issue immediately. Confluence vulnerability: Background...
Malicious code in rrequests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 06f65269b50b6cebcd54c9be1a267f52626bc95f94d9e0ebcbe89c86b03488ec Malicious packages typosquatting the popular requests package. payload execute a cryptomining malware...
Malicious code in reequests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 527aece3e73d2bd7e861a39485ce31dd5c649c35088b9787fad7479fbb634231 Malicious packages typosquatting the popular requests package. payload execute a cryptomining malware...
MAL-2022-7433 Malicious code in equests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx b07d61adac5cc418902b2b527453dcd02eacb4411a61ea7456c8a9546479e59a Malicious packages typosquatting the popular requests package. payload execute a cryptomining malware...
Malicious code in reqquests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx b9a54f366ac9633e5aee64e1efffcdcfb633b5b78922b33ceb6e32ce7d64ca51 Malicious packages typosquatting the popular requests package. payload execute a cryptomining malware...
Malicious code in requestts (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 0c0ffc8f86c690c110698019cf875b931478cfd7c059ea4da99532950ae57829 Malicious packages typosquatting the popular requests package. payload execute a cryptomining malware...
Malicious code in requeests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 4f52373c3c99a0107c5d679e9ec09cd42dd3260168c30a3b20246bb5b2109861 Malicious packages typosquatting the popular requests package. payload execute a cryptomining malware...
MAL-2022-7437 Malicious code in requess (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx c2f8ad6ce2f92726fe81822a7b0221d62e01f1c48c7eb6ad87e0758cfca42ccf Malicious packages typosquatting the popular requests package. payload execute a cryptomining malware...
MAL-2022-7436 Malicious code in requeests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 4f52373c3c99a0107c5d679e9ec09cd42dd3260168c30a3b20246bb5b2109861 Malicious packages typosquatting the popular requests package. payload execute a cryptomining malware...
MAL-2022-7442 Malicious code in rrequests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 06f65269b50b6cebcd54c9be1a267f52626bc95f94d9e0ebcbe89c86b03488ec Malicious packages typosquatting the popular requests package. payload execute a cryptomining malware...
Malicious code in equests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx b07d61adac5cc418902b2b527453dcd02eacb4411a61ea7456c8a9546479e59a Malicious packages typosquatting the popular requests package. payload execute a cryptomining malware...
MAL-2022-7440 Malicious code in requuests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx add900896883e60604145a44ada9b8e7fb1013ea91ee1b719b7b3e26a94824ae Malicious packages typosquatting the popular requests package. payload execute a cryptomining malware...
MAL-2022-7441 Malicious code in reuests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 8595aba5fb09b2fb54831d18452e4a1980daf222f8ea4d62b50d29446419c309 Malicious packages typosquatting the popular requests package. payload execute a cryptomining malware...
Malicious code in requessts (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 281d687d37b55f2d202f7ae0a8b421b286a71ebd2992bf7608ebe030ec6f8e53 Malicious packages typosquatting the popular requests package. payload execute a cryptomining malware...
Malicious code in reuests (PyPI)
--- -= Per source details. Do not edit below this line.=- Source: checkmarx 8595aba5fb09b2fb54831d18452e4a1980daf222f8ea4d62b50d29446419c309 Malicious packages typosquatting the popular requests package. payload execute a cryptomining malware...