Nhash: petty pranks with big finances

According to our data, cryptocurrency miners are rapidly gaining in popularity. In an earlier publication we noted that cybercriminals were making use of social engineering to install this sort of software on users' computers. This time, we'd like to dwell more on how exactly the computers of...

Hackers Targeting Servers Running Database Services for Mining Cryptocurrency

Security researchers have discovered multiple attack campaigns conducted by an established Chinese criminal group that operates worldwide, targeting database servers for mining cryptocurrencies, exfiltrating sensitive data and building a DDoS botnet. The researchers from security firm GuardiCore...

Tech support scammers make browser lockers more resilient

Tech support scammers have been relying on fraudulent pop-ups for many years in order to scare potential victims into calling for remote assistance. These so-called browser lockers or browlocks typically originate from malicious ads malvertising that can appear on any website, including trusted...

Jack of all trades

Nowadays, it's all too easy to end up with malicious apps on your smartphone, even if you're using the official Google Play app store. The situation gets even worse when you go somewhere other than the official store – fake applications, limited security checks, and so on. However, the spread of...

Malicious Package

hooka-tools is a malicious package. The package was updated to secretly mine cryptocurrency on the system it is installed on...

How cryptocurrency mining works: Bitcoin vs. Monero

Ever wondered why websites that are mining in the background don’t mine for the immensely hot Bitcoin, but for Monero instead? We can explain that. As there are different types of cryptocurrencies, there are also different types of mining. After providing you with some background information abou...

Largest Crypto-Mining Exchange Hacked; Over $70 Million in Bitcoin Stolen

Bitcoin is breaking every record—after gaining 20% jump last week, Bitcoin price just crossed the $14,800 mark in less than 24 hours—and there can be no better reason for hackers to put all of their efforts to steal skyrocketing cryptocurrency. NiceHash, the largest Bitcoin mining marketplace, ha...

Claymore's Dual Ethereum Miner unauth stack buffer overflow(CVE-2017-16929)

VuNote =================== Author: Ref: https://github.com/tintinweb/pub/tree/master/pocs/cve-2017-16929 Version: 0.2 Date: Nov 30th, 2017 Tag: claymore dual ethereum decred crypto currency miner Overview -------- Name: Claymore's Dual ETH + DCR/SC/LBC/PASC GPU Miner Vendor: nanopool/claymore...

Cryptocurrency Mining Scripts Now Run Even After You Close Your Browser

Some websites have found using a simple yet effective technique to keep their cryptocurrency mining javascript secretly running in the background even when you close your web browser. Due to the recent surge in cryptocurrency prices, hackers and even legitimate website administrators are...

Threat Predictions for Cryptocurrencies in 2018

The landscape in 2017 Today, cryptocurrency is no longer only for computer geeks and IT pros. It's starting to affect people's daily life more than they realize. At the same time, it is fast becoming an attractive target for cybercriminals. Some cyberthreats have been inherited from e-payments,...

A week in security (November 6 – November 12)

After coming out victorious in a case against PUPs, Malwarebytes CEO Marcin Kleczynski has this to say: We fought for our users and we won. -- Marcin Kleczynski @mkleczynski November 9, 2017 And my, do we feel like champions! You can read more about this here. Last week, we looked into the...

This Week in Security News

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...

A look into the global drive-by cryptocurrency mining phenomenon

An important milestone in the history of cryptomining happened around mid-September when a company called Coinhive launched a service that could mine for a digital currency known as Monero directly within a web browser. JavaScript-based mining is cross-platform compatible and works on all modern...

What is cryptocurrency and why do cybercriminals love it?

Ever pretend you know what your friends are talking about because you want to sound smart and relevant—and then trap yourself in a lie? “Wow, looks like those hackers were mining for cryptocurrency. You know what cryptocurrency is, right?” “Oh yeah, totally. Cryptocurrency. Bad stuff. You know...

This Week in Security News

Welcome to our weekly roundup, where we share what you need to know about the cybersecurity news and events that happened over the past few days. Below you’ll find a quick recap of topics followed by links to news articles and/or our blog posts providing additional insight. Be sure to check back...

D-Link MEA Site Caught Running Cryptocurrency Mining Script—Or Was It Hacked?

Last month the popular torrent website The Pirate Bay caused some uproar by adding a Javascript-based cryptocurrency miner to its site with no opt-out option, utilizing visitors' CPU power to mine Monero coins in an attempt to gain an extra source of revenue. Now D-Link has been caught doing the...

Tales from the blockchain

Cryptocurrency has gradually evolved from an element of a new world, utopian economy to a business that has affected even those sectors of society least involved in information technology. At the same time, it has acquired a fair number of "undesirable" supporters who aim to enrich themselves at...

Three Monero Mining Malware Apps Found on Play Store

By Waqas Hackers, website owners or even cybercriminals are finding new ways This is a post from HackRead.com Read the original post: Three Monero Mining Malware Apps Found on Play Store...

Hacker Hijacks CoinHive's DNS to Mine Cryptocurrency Using Thousands of Websites

When yesterday I was reporting about the sudden outbreak of another global ransomware attack 'Bad Rabbit,' I thought what could be worse than this? Then late last night I got my answer with a notification that Coinhive has been hacked — a popular browser-based service that offers website owners t...

dotCMS 4.1.1 XSS Vulnerability

dotCMS is prone to a stored cross-site scripting XSS vulnerability. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:dotcms:dotcms...