Cryptojacking only really coalesced as a class of attack about six months ago, but already the approach has evolved and matured into a ubiquitous threat. Hacks that co-opt computing power for illicit cryptocurrency mining now target a diverse array of victims, from individual consumers to massive institutions—even industrial control systems.
But the latest victim isn't some faceless internet denizen or a Starbucks in Buenos Aires. It's Tesla. Researchers published findings on Tuesday that some of Tesla's Amazon Web Services cloud infrastructure was running mining malware in a far-reaching and well-hidden cryptojacking campaign.Read more
India’s City Union Bank said on Sunday that “cyber criminals” had hacked its systems and transferred nearly $2 million through three unauthorized remittances to lenders overseas via the SWIFT financial platform.
The comments come after the small private lender on Saturday had disclosed it had discovered the three “fraudulent remittances”, which were sent via correspondent banks to accounts in Dubai, Turkey and China. Chief Executive Officer N. Kamakodi called it a “conspiracy” involving multiple countries, and added the lender was still investigating how it had happened. “This is basically a cyber attack by international cyber criminals,” he told.Read more
Smartphone users are just as vulnerable to cryptocurrency mining hijacks as their PC counterparts, and sometimes on a dramatic scale.
Malwarebytes has detailed a "drive-by" mining campaign that redirected millions of Android users to a website that hijacked their phone processors for mining Monero. While the exact trigger wasn't clear, researchers believed that infected apps with malicious ads would steer people toward the pages. And it wasn't subtle -- the site would claim that you were showing "suspicious" web activity and tell you that it was mining until you entered a captcha code to make it stop.Read more
Malware hunters from US security firm Forcepoint have stumbled across a new strain of Point of Sale (PoS) malware, the second such type of PoS malware that hides stolen credit/debit card information inside DNS requests.
The first PoS malware that was first seen employing this technique was a lesser known version of the NewPosThings PoS malware, named MULTIGRAIN, discovered in April 2016 by fellow US cyber-security firm FireEye. But while MULTIGRAIN had been used in real-world attacks, Forcepoint says it did not find any evidence suggesting this new strain of PoS malware, named UDPoS, has made any victims as of yet.Read more
The odds are about one in four that the crypto fanatic in your office is involved in illegal activities. After conducting a study of historical Bitcoin transaction data an Australian research group concluded:
We find approximately one-quarter of Bitcoin users and one-half of Bitcoin transactions are associated with illegal activity. Around $72 billion of illegal activity per year involves Bitcoin, which is close to the scale of the US and European markets for illegal drugs. And that $72 billion? Here’s a bone for you conspiracy theory types: Business Insider reports Bitcoin has lost $72 billion in value since the beginning of 2018. Coincidence? Probably.Read more
A massive cryptocurrency mining botnet has taken over half a million machines and may have made its cybercriminal controllers millions of dollars - and the whole operation is powered by EternalBlue, the leaked NSA exploit which made the WannaCry ransomware outbreak so destructive.
The Smominru miner botnet turns infected machines into miners of the Monero cryptocurrency and is believed to have made its owners around $3.6 million since it started operating in May 2017 - about a month after EternalBlue leaked and around the same time as the WannaCry attack.Read more
A computer security exploit developed by the US National Security Agency and leaked by hackers last year is now being used to mine cryptocurrency, and according to cybersecurity experts the number of infections is rising.
Last April, a hacking group called the Shadow Brokers leaked EternalBlue, a Windows exploit that was developed by the NSA. Less than a month later, EternalBlue was used to unleash a devastating global ransomware attack called WannaCry that infected more than 230,000 computers in 150 countries. A month later, in June, the EternalBlue exploit was again used to cripple networks across the world in an even more sophisticated attack.Read more
YouTube is turning passive viewers into cryptocurrency miners, and Google isn't happy. The issue became apparent earlier in the week as complaints surfaced on social media claiming that YouTube ads were raising red flags in anti-virus software.
A service called Coinhive was hijacking a viewer's CPU and using its power to mine crypto. A Friday blog post from Trend Micro, an international cybersecurity company, confirmed the sharp uptick in Coinhive use earlier in the week, pinning it to a "malvertising campaign" that subverted a Google ad service used on YouTube.Read more
Researchers have uncovered four malicious extensions with more than 500,000 combined downloads from the Google Chrome Web Store, a finding that highlights a key weakness in what's widely considered to be the Internet's most secure browser.
Google has since removed the extensions. Researchers stumbled on the find after detecting a suspicious spike in outbound network traffic coming from a customer workstation. They soon discovered it was generated by a Chrome extension called HTTP Request Header as it used the infected machine to surreptitiously visit advertising-related Web links.Read more
Basically, phishing is a type of fraud that aims to extract personal data: logins, passwords, wallet numbers, and so forth. It’s essentially digital social engineering.
There’s a variety of phishing known as spear phishing. What distinguishes spear phishing from other types of phishing is that it targets a specific person or employees of a specific company. That targeting makes spear phishing more dangerous; cybercriminals meticulously gather information about the victim to make the “bait” more enticing. A well-produced spear phishing e-mail can be very difficult to distinguish from a legitimate one. So, spear phishing makes it easier to hook the victim.Read more