The individual accused of perpetrating a massive-scale hack of credit card issuer Capital One also allegedly hacked cloud customers’ servers to mine cryptocurrency for herself. Court filings published on Aug. 28 reveal that Paige A. Thompson has been indicted on charges of both perpetrating the Capital One breach and of hacking into the servers of her employer’s cloud services customers for the purposes of cryptojacking. “Cryptojacking” is an industry term for stealth crypto mining attacks which work by installing malware or otherwise gaining access to a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. The …

French police have shut down a massive botnet that has been used for Monero (XMR) cryptojacking. Cryptojacking backed by “massive firepower” BBC News reported the development on Aug. 27. According to the police, the botnet was distributed by sending virus-laden emails with offers for erotic pictures or fast cash, and further propogated through infected USB drives. The virus, called Retadup, ultimately infected 850,000 computers in over 100 countries — thus creating a massive botnet. The chief of C3N — the French police’s cybercrime unit — Jean-Dominique Nollet spoke on France Inter radio about the power of a botnet this size, …

A cryptojacking code was found in 11 open-source code libraries written in Ruby, which have been downloaded thousands of times. Hackers downloaded the software, infected it with malware, and subsequently reposted it on the RubyGems platform, industry news outlet Decrypt reported on Aug. 21. The malicious code was first noticed by a GitHub user, who posted about the issue on Aug. 19. He said that, when executed, the library downloaded additional code from text hosting service Pastebin, which then triggered the malicious mining. The malware also sent the address of the infected host to the attacker, alongside environment variables which …

Cybersecurity company Varonis has discovered a new cryptojacking virus, dubbed “Norman,” that aims to mine the cryptocurrency Monero (XMR) and evade detection. Varonis published a report about Norman on Aug.14. According to the report, Varonis found Norman as one of many cryptojacking viruses deployed in an attack that infected machines at a mid-size company. Hackers and cybercriminals deploy cryptojacking hardware to use the computing power of unsuspecting users’ machines to mine cryptocurrencies like the privacy oriented coin Monero. Norman in particular is a crypto miner based on XMRig, which is described in the report as a high-performance miner for Monero …

Malware Smominru mines Monero (XMR) on at least half a million infected computers and now also steals sensitive personal data. An updated malware Cybersecurity company Carbon Black claimed that its Threat Analysis Unit “uncovered a secondary component in a well-known cryptomining campaign” in a report published on Aug. 7. According to the firm, the malware has now been updated to “also steal system access information for possible sale on the dark web.” Per the report, the update is part of a broader trend in malware development: “This discovery indicates a bigger trend of commodity malware evolving to mask a darker …

Computer analysts at cybersecurity firm Zscaler ThreatLabZ have found a new type of trojan that targets cryptocurrency users. In a blog post published on Aug. 8, the company reveals that it identified a new remote-access trojan (RAT) that is able to capture administrative control of the targeted computer, retrieve browser history and look for activities involving cryptocurrency, credit cards, business, social media and others. The malware is called Saefko and is written in .NET, a software framework developed by Microsoft and used to develop a wide range of applications. The post further explains: “RATs are usually downloaded as a result …

Cybersecurity firm ESET has detected what it describes as an unusual and persistent cryocurrency miner distributed for macOS and Windows since August 2018. The news was revealed in a report from ESET Research published on June 20. According to ESET, the new malware, dubbed “LoudMiner,” uses virtualization software — VirtualBox on Windows and QEMU on macOS — to mine crypto on a Tiny Core Linux virtual machine, thus having the potential to infect computers across multiple operating systems. The miner itself reportedly uses XMRig — an open-source software used for mining privacy-focused altcoin monero (XMR) — and a mining pool, …

Top Stories This Week CCN casts doubt on shutdown plans as Google appears to correct visibility Cryptocurrency news outlet CCN (formerly CryptoCoinsNews) is apparently not going through with its total shutdown, as reported earlier this week. The outlet had previously posted a note that a recent Google Core Update had led to a more than 70% visibility drop on mobile overnight, leading the organization to decide to shut down rather than downsize. However, an update this week from CCN Markets Director Jonas Borchgrevink notes that, for an unexplained reason, the crypto outlet’s old domain name, CryptoCoinNews, has been showing up …

Cybersecurity company Trend Micro claims to have detected a web address spreading a botnet featuring a monero (XMR) mining component alongside a backdoor. The malware was described on Trend Micro’s official blog on June 13. Per the report, the firm attributes the malware to Outlaw Hacking Group, as the techniques employed are almost the same used in its previous operations. The software in question also holds Distributed Denial of Service (DDoS) capabilities, “allowing the cybercriminals to monetize their botnet through cryptocurrency mining and by offering DDoS-for-hire services.” Trend Micro also believes that the creators of the malware in question are …

Cybersecurity firm Trend Micro has confirmed that attackers have been exploiting a vulnerability in the Oracle WebLogic server to install monero (XMR) mining malware, while using certificate files as an obfuscation trick. The news was revealed in a Trend Micro blog post published on June 10. As previously reported, forms of stealth crypto mining are also referred to with the industry term cryptojacking — the practice of installing malware that uses a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. According to Trend Micro’s post, a security patch for theOracle WebLogic vulnerability (“CVE-2019-2725”) — reportedly …

Cybersecurity firm Trend Micro has detected a major uptick in monero (XMR) cryptojacking malware targeting China-based systems this spring. The news was revealed in an official Trend Micro announcement on June 5. As previously reported, cryptojacking is an industry term for stealth crypto mining attacks that work by installing malware that uses a computer’s processing power to mine for cryptocurrencies without the owner’s consent or knowledge. The XMR-focused malware — which wields malicious PowerShell scripts for illicit mining activities on Microsoft-based systems — reportedly surged against Chinese targets in mid-May. Hitting a peak on May 22, the wave of cryptojacking …

Cybersecurity firm Trend Micro announced that it found a malware dubbed BlackSquid that infects web servers employing eight different security exploits and installs mining software. The findings were announced in a blog post published on June 3. Per the report, the malware targets web servers, network drives and removable drives using eight different exploit and brute force attacks. More precisely, the software in question employs “EternalBlue; DoublePulsar; the exploits for CVE-2014-6287, CVE-2017-12615, and CVE-2017-8464; and three ThinkPHP exploits for multiple versions.” While the sample acquired by Trend Micro installs the XMRig monero (XMR) Central Processing Unit-based mining software, BlackSquid could …