Every #appliance whose job is to get hot should be a #cryptoMiner or a #heatPump
#electronics #technology #bitcoin #cryptocurrency #crypto #appliances #home
Cybercriminals are blackmailing YouTubers with fake copyright claims! 😱 They're threatening creators into distributing malware disguised as download links. A trojanized program installs a cryptominer. ⚠️ Be careful what you download! More info: https://www.techradar.com/pro/security/youtubers-targeted-by-blackmail-campaign-to-promote-malware-on-their-channels #cybersecurity #malware #youtube #cryptominer #newz
CVE-2021-41773 and CVE-2021-42013 ending in crypto mining by RedTail ( https://nfsec.pl/ai/6597 ) #cryptominer #botnet #redtail #linux #security #twittermigration
Fake Job Offers from CrowdStrike Used by Cybercriminals to Distribute Cryptominer - https://www.redpacketsecurity.com/cybercriminals-use-fake-crowdstrike-job-offers-to-distribute-cryptominer/
Phishers abuse #CrowdStrike brand targeting job seekers with #cryptominer
https://securityaffairs.com/172900/cyber-crime/crowdstrike-phishing-campaign-recruitment-branding.html
#securityaffairs #hacking #malware
Malicious npm packages with cryptominers discovered https://www.trendingtech.news/trending-news/2024/12/50408/kwaadaardige-npm-pakketten-met-cryptominers-ontdekt #npm #cryptominer #supply chain #XMRig #cybersecurity #Trending #News #Nieuws
r2ai can be used over source code. Here, with Claude AI, it analyzes a sample of Linux/Rudedevil. I'm asking it to explain what it's doing with signals, and I really like its insights like "The malware likely handles this to prevent crashes when network connections fail" or "likely prevent normal process termination". Really useful to a malware analyst.
A crypto miner was found in some versions of the pip package ultralytics. Versions v8.3.41 and v8.3.42 of the ultralytics pip package on Mac and Linux are affected.
Update!
https://blog.comfy.org/comfyui-statement-on-the-ultralytics-crypto-miner-situation/
#DASS #DassNews #ultralytics #cryptominer
While crypto is dumb, this take on crypto is also dumb.
Arkansas officials halt cryptomine near LR Airbase due to national security concerns
https://katv.com/news/local/arkansas-officials-halt-cryptomine-near-lr-airbase-due-to-national-security-concerns-state-senator-ricky-hill-lonoke-county-judge-doug-erwin-cabot-mayor-ken-kincade-interstate-holdings-arkansas-blockchain-council-benjamin-smith-steven-landers-jr-lrafb
#crypto #cryptocurrency #cryptocult #cryptominer #cryptominers #arkansas #littlerock #ArkansasPolitics
#Linux :tux: #Malware "#Perfctl" has apparently been infecting Linux servers for years | heise online https://www.heise.de/news/Perfectl-Linux-Malware-laesst-Server-heimlich-Kryptomining-und-mehr-ausfuehren-9963118.html #CryptoMiner #cryptocurrencies #cryptocurrency #Proxy #Loader
@dirksche Sounds like a #CryptoMiner or something...
Have you opened ps -aux or btop?
Maybe take a look in top or htop, and if necessary back up /home/ and reinstall the system, because that's quicker?
New(ish) #cryptominer alert!
The #RedTail cryptominer has a new variant that exploits the recent critical PAN-OS vuln CVE-2024-3400. You may be aware of RedTail from its Log4Shell days, now it's going after at least 6 known vulnerabilities including the PAN-OS, recent Ivanti Connect Secure vulns, and ThinkPHP.
The write-up goes into a lot more technical detail and provides IoCs and mitigations. Here are the highlights:
Attackers behind this are using private cryptomining pools. It costs a loooootttt of money and time to do this. It also helps obfuscation. This can tell us some things about who is behind this.
👨‍💻 The tactics observed here mirror tactics previously seen by the Lazarus group. This nation-state theory is supported by the private pools point, but we cannot say that for certain.
The malware delivery infrastructure relies on multiple unrelated servers hosted by various ✨ legitimate ✨ hosting companies. It is robust and hard to classify as malicious without deeper examination.
Full write up includes IoCs and mitigations:
https://www.akamai.com/blog/security-research/2024-redtail-cryptominer-pan-os-cve-exploit
Incredible work, Ryan Barnett, Stiv Kupchik, and Maxim Zavodchik. I have the coolest job in the world thanks to these folks and their awesome research.
1) #Harfbuzz is a #text shaping engine, it's used in #Android, #Chrome, #ChromeOS, #Firefox, #GNOME, #GTK+, #KDE, #Qt, #LibreOffice, #OpenJDK, #XeTeX, #PlayStation, #Microsoft #Edge, #Adobe #Photoshop, #Illustrator, #InDesign, #Godot Engine, and other places.
2) Harfbuzz 8.0 introduces a #Wasm shaper, that allows #WebAssembly to be embedded in a #font file. https://www.phoronix.com/news/HarfBuzz-8.0
3) It's only a matter of time until someone embeds a #cryptominer in a font file.
#cybersecurity #threatintel #campaign #backdoor #cryptominer
Users of eScan antivirus are advised to update ASAP to the latest version, and scan their devices for malicious files and processes.
The campaign is believed to be state-sponsored. The attack works by substituting eScan antivirus software updates with a malicious version. The issue was unnoticed for at least 5 years, but has been fixed as of July 31, 2023.
Security researchers have revealed a malware campaign that exploits the software update mechanism of eScan antivirus to distribute backdoors and cryptocurrency miners.
https://thehackernews.com/2024/04/escan-antivirus-update-mechanism.html
Sysdig provides a threat actor profile on RUBYCARP, described as a Romanian financially motivated threat actor group actively running a botnet for the past 10 years. They have some crossover with the Outlaw APT group. Their payloads are geared towards cryptomining, DDoS, and phishing. Initial access includes exploitation of CVE-2021-3129 (9.8 critical, disclosed 12 January 2021, in KEV Catalog, Laravel RCE). Sysdig also talks about IRC communication and group hierarchy. IOCs for crypto mining pools and various IPs/domains are scattered throughout the article. https://sysdig.com/blog/rubycarp-romanian-botnet-group/
#RUBYCARP #cybercrime #cryptominer #threatintel #IOC #CVE_2021_3129
Bee Network is the world's largest #web3 interactive platform. Join by invitation and earn #Bee daily with one click for 24hrs! Use my invitation code to join and get 1 Bee for free: hmxkcl. Start earning & getting $BEE for affiliate Airdrops along with the mining, task rewards, and of course the #crypto earned from the #airdrops. Here's the link: https://j.bee.com/s?a=hmxkcl
#web3coin #WEB3Commuunity #beelink #BeeNetwork #beelievers #freecrypto #cryptominer