Tor2Mine is up to their old tricks — and adds a few new ones

Type talosblog
Reporter (Joe Marshall)
Modified 2020-06-16T07:00:56


By Kendall McKay and Joe Marshall.

Threat summary

Cisco Talos has identified a resurgence of activity by Tor2Mine, a cryptocurrency mining group that was likely last active in 2018. Tor2Mine is deploying additional malware to harvest credentials and steal more money, including AZORult, an information-stealing malware; the remote access tool Remcos; the DarkVNC backdoor trojan; and a clipboard cryptocurrency stealer. The actors are also using a new IP address and two new domains to carry out their...
