For about a week now there have been repeated posts on the BleepingComputer and Malwarebytes forums regarding a BITSADMIN 3.0 command prompt that repeatedly opens on its own and downloads files. What all of these users had in common were numerous adware and unwanted programs installed on the computer.
Users across several countries are being targeted in a campaign that delivers a new strain of malware named Digmine that installs a Monero cryptocurrency miner and a malicious Chrome extension which helps it propagate to new victims.
The criminal group behind previous campaigns that have spread the VenusLocker ransomware have now switched their focus to delivering a Monero cryptocurrency miner instead.
Over the course of the current week, WordPress sites around the globe have been the targets of a massive brute-force campaign during which hackers attempted to guess admin account logins in order to install a Monero miner on compromised sites.
A malware strain known as Loapi will damage phones if users don't remove it from their devices. Left to its own means, this modular threat will download a Monero cryptocurrency miner that will overheat and overwork the phone's components, which will make the battery bulge, deform the phone's cover, or even worse.
An aggressive and sophisticated malware campaign is currently underway, targeting Linux and Windows servers with an assortment of exploits with the goal of installing malware that mines the Monero cryptocurrency.
A free-to-use script that helps website owners show EU cookie consent popups is dropping an in-browser cryptocurrency miner on websites that use it.
The in-browser cryptojacking craze that has taken over the Internet is getting worse by the day and more and more sites are implementing such systems, intentionally or after getting hacked.
A threat actor is mass-scanning the Internet for Ethereum mining equipment running ethOS that is still using the operating system's default SSH credentials. The attacker is using these creds to gain access to the mining rig and replace the owner's Ethereum wallet address with his own.
A malicious Chrome extension is being used to inject the CoinHive browser miner, while registering domains for the extension developer using the victim's Gmail address.
The browser cryptojacking scene has just expanded from one player to two with the recent launch of the Crypto-Loot service, a website that's eerily similar to the now notorious Coinhive in-browser miner.
The Roboto Condensed social engineering attack has been updated to not only distribute keyloggers and miners, but if your "lucky, is now also pushing adware and crapware bundles that overrun a computer.
A malware author (or authors) has made around $63,000 during the past five months by hacking unpatched IIS 6.0 servers and mining Monero.
Coinhive is quickly becoming the Martin Shkreli of the Internet, going from an innovative tool that lets you mine Monero with your browser, to a technology abused by hoards of malware authors.
Attacks aimed at delivering cryptocurrency mining tools on enterprise networks have gone up as much as six times, according to telemetry data collected by IBM's X-Force team between January and August 2017.
Telemetry data collected by Kaspersky Lab shows that in the first nine months of 2017, malware that mines for various types of cryptocurrencies has infected more than 1.65 million endpoints.
A group of experienced hackers — tracked under the name of CodeFork — have launched a new malware distribution campaign that uses advanced tools and new techniques to go undetected by security solutions.