159 matches found
Major Airport Malware Attack Shines a Light on OT Security
A cryptomining infection managed to spread to half of all workstations at a major international airport in Europe – shining a spotlight on security for operational tech and IT convergence. Researchers at Cyberbit found the XMRig Monero mining malware, which was a known strain called “Playerz,” bu...
Cryptomining Crook Steals Game Developer’s Identity to Carry Out Dirty Work
A 29-year-old cybercriminal assumed the guise of a prominent California video-game developer and eSports tournament organizer to throw authorities off his cryptomining track, according to an indictment unsealed on Wednesday. Matthew Ho, a citizen of Singapore, allegedly used the developer’s stole...
Beers with Talos Ep. #62: Fifty shades of shady
Beers with Talos (BWT) Podcast episode No. 62 is now available. Recorded Sept. 13, 2019. In one of our "rantier" episodes, the BWT crew dives into the ongoing insidiousness that is...
XMR Cryptomining Targeting x86/i686 Systems
I have been paying close attention to Internet of Things (IoT) malware targeting systems with Telnet enabled, while also collecting samples targeting systems with SSH enabled on port 22. I've collected over 650 samples landing in my honeypot within the...
Dangerous Cryptomining Worm Racks Up 850K Infections, Self-Destructs
A French and U.S. law-enforcement effort has neutralized 850,000 infections by a cryptomining worm known as Retadup, by causing the threat to destroy itself. The worm has been distributing the malicious XMRig cryptocurrency miner to computers running the Windows operating system, mostly in Latin...
Labs quarterly report finds ransomware’s gone rampant against businesses
Ransomware's back—so much so that we created an entire report on it. For 10 quarters, we've covered cybercrime tactics and techniques, covering a wide range of threats we saw lodged against consumers and businesses through our product telemetry, honeypots, and threat intelligence. We've looked at...
Carbon Black Threat Analysis Unit (TAU) Uncovers Significant Evolution of Popular Cryptomining Campaign Affecting More than 500,000 Computers
Carbon Black’s CB Threat Analysis Unit (TAU) has uncovered a secondary component in a well-known cryptomining campaign. The malware has been enhanced to also steal system access information for possible sale on the dark web. Combined together, this attack is being classified as “Access Mining.” Thi...
Smominru Cryptominer Scrapes Credentials for Half-Million Machines
A commodity cryptomining botnet campaign that has infected a half-million computers is now tapping a lucrative secondary moneymaking opportunity in selling access to victim machines, according to researchers. An analysis of the known Smominru cryptomining campaign, which uses a modified version o...
New malware attack turns Elasticsearch databases into DDoS botnet
By Uzair Amir. The malware attack involves two stages, including one in which existing cryptomining malware is removed and another to remove configuration files.
New cryptomining botnet malware hits Android devices
By Uzair Amir. The new malware exploits Android Debug Bridge (ADB) ports. In research conducted by the Tokyo-based cybersecurity and threat defense firm Trend Micro, it was revealed that there is a new cryptomining malware bot that’s particularly targeting Android devices. The miner exploits the...
Hackers using pirated software to spread new cryptomining Mac malware
By Waqas. If you download pirated content from torrent platforms, you can be a victim of this Mac malware. There is a new variant of cryptomining malware that is specifically targeting Apple's Mac devices and those users who prefer downloading pirated software from torrent platforms. Dubbed Bird...
ThreatList: Ransomware Trojans Picking Up Steam in 2019
With the number of unique cyberincidents continuing to grow, ransomware-based attacks in particular are on the rise in 2019, researchers said. Ransomware trojan-based infections jutted up from 9 percent in the fourth quarter of 2018 to 24 percent in the first quarter of 2019, said Positive...
Hackers Infect 50,000 MS-SQL and PHPMyAdmin Servers with Rootkit Malware
Cyber Security researchers at Guardicore Labs today published a detailed report on a widespread cryptojacking campaign attacking Windows MS-SQL and PHPMyAdmin servers worldwide. Dubbed Nansh0u, the malicious campaign is reportedly being carried out by an APT-style Chinese hacking group who has...
Labs Cybercrime Tactics and Techniques report finds businesses hit with 235 percent more threats in Q1
The Malwarebytes Labs Cybercrime Tactics and Techniques Q1 2019 report found businesses at the butt end of a bad joke. In just one year, threats aimed at corporate targets have increased by 235 percent, with Trojans, such as Emotet, and ransomware in particular revving up in the first quarter...
Upcoming Firefox version to offer fingerprinting & cryptomining protection
By Uzair Amir. There is very good news for Mozilla Firefox users. After improving the user experience with tracking protection function offering content blocking features and other changes in Firefox 63, Mozilla is aiming for another significant update in the upcoming version of the browser. The n...
SpeakUp Linux Backdoor Sets Up for Major Attack
LAS VEGAS — A backdoor trojan dubbed “SpeakUp” has been spotted exploiting the Linux servers that run more than 90 percent of the top 1 million domains in the U.S. It uses a complex bag of tricks to infect hosts and to propagate, which analysts say could indicate that it’s poised for a major...
Cryptomining Malware Uninstalls Cloud Security Products
Researchers say they have discovered a unique malware family capable of gaining admin rights on targeted systems by uninstalling cloud-security products. Instances of the malicious activity are tied to coin-mining malware targeting Linux servers. Palo Alto Networks’ Unit 42, which published the...
2019: The Year Ahead in Cybersecurity
2018 may have been filled with cybersecurity incidents, but the infosec community is gearing up for what the New Year will bring. From emerging cyber-threat attack surfaces, new APT groups, and more regulations around data privacy, 2019 is set to be another big year in the cybersecurity space...
New Frontiers In Cryptojacking
Tejas Girme & Rishikesh Bhide of Qualys Malware Research Labs present “New Frontiers in Cryptojacking” at the 21st Anti-Virus Asia Researchers International Conference (AVAR 2018) in Goa, India. Cryptojacking attacks are evolving over time to better evade detection by both end users and protection...
415,000 routers infected by cryptomining malware – Prime target MikroTik
By Waqas. According to a new report, around 415,000 routers throughout the world are infected with malware having the potential to steal computer resources and discreetly mine for the cryptocurrency. The campaign is an active one and it primarily targets MikroTik routers. Researchers claim that th...