Cybersecurity experts at ESET published an in-depth study about a new malware named “KryptoCibule.” This exploit specifically targets Windows users with three methods of attack, including by installing a crypto mining app, directly stealing crypto wallet files, and replacing copy/pasted wallet addresses as a means to hijack individual transactions. According to the cybersecurity firm, KryptoCibule’s developers rely on the Tor network and BitTorrent protocol to coordinate the attacks. The malware’s original incarnation first appeared in December 2018. At that time, it was merely a Monero mining utility that quietly harvested user’s system resources to generate the currency. By February 2019, …
The crypto price surge since March has been accompanied by a wave of cryptojacking attacks according to new research published by cybersecurity firm Symantec. According to the company there was a 163% increase in browser-based cryptojacking activity in the second quarter of 2020. Cryptojacking had previously been in a steep decline from March 2019 due to the shutdown of the mining script maker, CoinHive. Symantec points out the increase in the last quarter coincided with a surge in the value of Bitcoin (BTC) and Monero (XMR), two cryptocurrencies often mined by the threat actors that rely on browser-based cryptojacking malware. …
On June 24, security experts from Palo Alto Networks’ Unit 42 warned about a new self-propagating malware that launches cryptojacking and DDoS attacks against Windows systems. The software operates under the name “Lucifer”. According to the study, Lucifer is a hybrid of cryptojacking and DDoS malware that leverages old vulnerabilities on the Windows platform. Vulnerabilities exploited After breaking the security infrastructure, attackers execute commands that release DDoS attacks. This allows them to install XMRig Miner, a well-known Monero (XMR) mining app, to launch cryptojacking attacks. Palo Alto Networks claims that a related Monero wallet has received 0.493527 XMR so far. …
Cybersecurity company Trend Micro claims to have detected a web address spreading a botnet featuring a monero (XMR) mining component alongside a backdoor. The malware was described on Trend Micro’s official blog on June 13. Per the report, the firm attributes the malware to Outlaw Hacking Group, as the techniques employed are almost the same used in its previous operations. The software in question also holds Distributed Denial of Service (DDoS) capabilities, “allowing the cybercriminals to monetize their botnet through cryptocurrency mining and by offering DDoS-for-hire services.” Trend Micro also believes that the creators of the malware in question are …
Smartwatch maker and data-syncing service provider, Garmin, was the subject of a ransomware attack that took down several of its services on July 23, which managed to encrypt its internal network. According to a series of tweets published by the company, the Garmin Connect website and mobile app were affected by the hackers, plus the call centers and every customer support resources like replying emails, online chats, and handling calls. However, the nature of the attack was unveiled by ZDNet, who also stated that the cybercriminals also targeted flyGarmin, the company’s service that supports its line of aviation navigational equipment. …