Tor2Mine is up to their old tricks — and adds a few new ones

2020-06-16T07:00:56
ID TALOSBLOG:6B2A0BEDE798E807D97D4F2A2CC4A7D8
Type talosblog
Reporter noreply@blogger.com (Joe Marshall)
Modified 2020-06-16T07:00:56

Description

By Kendall McKay and Joe Marshall.

Threat summary

Cisco Talos has identified a resurgence of activity by Tor2Mine, a cryptocurrency mining group that was likely last active in 2018. Tor2Mine is deploying additional malware to harvest credentials and steal more money, including AZORult, an information-stealing malware; the remote access tool Remcos; the DarkVNC backdoor trojan; and a clipboard cryptocurrency stealer. The actors are also using a new IP address and two new domains to carry out their...
