To make it harder to spot a cryptominer process that is utilizing all of the CPU, a new variant has been discovered for Linux that attempts to hide its presence by utilizing a rootkit.
Trend Micro has recently spotted an attacker that is scanning for exposed Docker Engine APIs and utilizing them to deploy containers that download and execute a coin miner. These containers then use scripts to spread to other systems.
Cryptocurrency miners are now being distributed by a new campaign that disguises them as Adobe Flash Player installers. While this is not new, this particular campaign is going the extra mile to appear legitimate by not only installing a miner but also updating Flash Player.
What may very well be considered a cybercriminal's dream tool is now real and it is hunting Windows and Linux servers: a botnet with self-spreading capabilities that combines cryptomining and ransomware functions.
Security researchers have discovered a new exploit kit, currently active mainly in Asian countries, which, they say, has been busy spreading bootkits and cryptocurrency-mining (coinminer) malware.
An old foe and one of the first ransomware strains is still around and claiming new victims, but this malware is keeping up with the times and has added a cryptocurrency-mining component that it deploys on carefully selected computers.
Security firm FireEye has detected that malware authors have deployed the PROPagate code injection technique for the first time inside a live malware distribution campaign.
The Docker team has pulled 17 Docker container images that have been backdoored and used to install reverse shells and cryptocurrency miners on users' servers for the past year.
At least 5% of all the Monero cryptocurrency currently in circulation has been mined using malware, and about 2% of the total daily hashrate comes from devices infected with cryptocurrency-mining malware.
When the CPU utilization on a computer is high, games become less responsive, frame rate goes down, and gameplay stutters. To diagnose these problems, users will commonly open process manager utilities such as Task Manager, Process Explorer, or Process Hacker to determine if any processes are using too much of the CPU power.
Cyber-criminals have managed to assemble a gigantic botnet of over 40,000 infected web servers, modems, and other IoT devices, which they used for cryptocurrency mining, and for redirecting users to malicious sites.
Security researchers from Qihoo 360 Total Security have detected a massive malware campaign spreading a new coinminer, which appears to have claimed roughly 500,000 victims in three days alone.
After the publication of two severe security flaws in the Drupal CMS, cybercrime groups have turned their sights on this web technology in the hopes of finding new ground to plant malware on servers and make money through illegal cryptocurrency mining.
Security researchers have detected a new wave of cryptocurrency-mining malware infecting servers across the web, and this one is using multiple exploits to gain access to vulnerable and unpatched systems to install a Monero miner.
Hackers have wasted no time deciding what to do with the proof-of-concept (PoC) code that was published online last week for a major Drupal security flaw.
The authors of the XiaoBa ransomware have retooled their malware's code into a cryptocurrency miner (coinminer). Unfortunately, despite not encrypting files anymore, the XiaoBa coinminer still destroys users' data thanks to a series of bugs that primarily corrupt a user's executable files.
Hackers are leveraging an IIS 6.0 vulnerability to take over Windows servers and install a malware strain that mines the Electroneum cryptocurrency.
Cryptocurrency mining operations, illegal or not, are becoming a real problem for the higher education sector, where hackers have found plenty of easy-to-hack systems, but also where students are using university resources to make an extra profit via deliberate cryptocurrency mining.