Cryptocurrency miners target web servers with malware

itman · Jan 17, 2018

RubyMiner malware plants XMRig on vulnerable systems. Security researchers have discovered malware aimed at Linux and Windows servers running to mine cryptocurrency.

RubyMiner malware plants XMRig on vulnerable systems. Security researchers have discovered malware aimed at Linux and Windows servers running to mine cryptocurrency.

According to researchers at Check Point, attackers have used malware called RubyMiner to infect systems with a cryptocurrency miner called XMrig.

Researchers said in a blog post that over a 24-hour period last week, hackers attempted to compromise 30 percent of networks worldwide in order to find vulnerable web servers in order to mobilise them to their mining pool. It said that among the top countries targeted are the United States, Germany, United Kingdom, Norway and Sweden, though no country has gone unscathed.
Click to expand...

https://www.scmagazine.com/cryptocurrency-miners-target-web-servers-with-malware/article/737639/

Sampei Nihira · Jan 23, 2018

https://www.ghacks.net/2018/01/23/test-your-web-browsers-cryptojacking-protection/

hawki · Feb 1, 2018

"A giant botnet is forcing Windows servers to mine cryptocurrency

The Smominru miner has infected at least half a million machines - mostly consisting of Windows servers - and spreads via the EternalBlue exploit...

The Smominru miner botnet turns infected machines into miners of the Monero cryptocurrency and is believed to have made its owners around $3.6 million since it started operating in May 2017 - about a month after EternalBlue leaked and around the same time as the WannaCry attack..."

http://www.zdnet.com/article/a-giant-botnet-is-forcing-windows-servers-to-mine-cryptocurrency/

Minimalist · Feb 20, 2018

Tesla Internal Servers Infected with Cryptocurrency Miner

Hackers have breached Tesla cloud servers used by the company's engineers and have installed malware that mines the cryptocurrency.

The incident took place last year when hackers gained access to Tesla's Kubernetes server, an open-source application used by large companies to manage API and server infrastructure deployed on cloud hosting providers.
Click to expand...

https://www.bleepingcomputer.com/ne...l-servers-infected-with-cryptocurrency-miner/

itman · Feb 24, 2018

Hacker Group Makes $3 Million by Installing Monero Miners on Jenkins Servers

A criminal organization has made $3.4 million by compromising Jenkins servers and installing a Monero cryptocurrency miner dubbed JenkinsMiner.

“The perpetrator, allegedly of Chinese origin, has been running the XMRig miner on many versions of Windows, and has already secured him over $3 million worth of Monero crypto-currency. As if that wasn’t enough though, he has now upped his game by targeting the powerful Jenkins CI server, giving him the capacity to generate even more coins.” states a blog post published by CheckPoint.

Jenkins is the most popular open source automation server, it is maintained by CloudBees and the Jenkins community.

The automation server supports developers build, test and deploy their applications, it has more than 133,000 active installations worldwide with more than 1 million users.
Click to expand...

http://securityaffairs.co/wordpress/69232/malware/jenkinsminer-targets-jenkins-servers.html

Minimalist · Mar 6, 2018

Miner vs miner: Attack script seeks out and destroys competing currency crafters

Cryptocurrency-mining malware-scum have started to write code that evicts rivals from compromised computers.

The miner in question was first noticed by SANS Internet Storm Center handler Xavier Mertens. Mertens spotted the PowerShell script on March 4, and noting that it kills any other CPU-greedy processes it spots on target machines, he wrote: “The fight for CPU cycles started!”
Click to expand...

https://www.theregister.co.uk/2018/03/06/cryptocurrency_miner_sans_martens/

Minimalist · Mar 19, 2018

Coverity Scan code checker's systems crypto-jacked to run cheeky mining op

The systems of freebie open-source code scanning tool Coverity Scan were hacked and abused to run a cryptocurrency mining operation, its operator has confirmed.

Synopsys, the firm behind Coverity Scan, said its corporate systems were not affected by the previously unexplained incident, which resulted in the suspension of the service for around four weeks until last Friday.
Click to expand...

https://www.theregister.co.uk/2018/03/19/coverity_scan_cryptomining/

hawki · May 14, 2018

"Cryptomining malware targets unpatched servers

Cybercriminals are increasingly targeting unpatched server vulnerabilities to infect machines with cryptomining malware, according to a new report.

The study from Check Point Software Technologies sees cryptomining malware dominate Check Point’s Top Ten Most Wanted Malware Index, the Coinhive variant retains the top spot with a global reach of 16 percent. Cryptoloot -- another crypto-mining malware -- is close behind with a global reach of 14 percent, while the Roughted malvertising malware came in third (11 percent).

Two unpatched server vulnerabilities in Microsoft Windows Server 2003 (CVE-2017-7269) and Oracle Web Logic (CVE-2017-10271) are being targeted in order to illicitly mine cryptocurrency. Globally, 46 percent of the world's organizations have been targeted for the Microsoft Windows Server 2003 vulnerability, while the Oracle Web Logic vulnerability was close behind, targeting 40 percent of organizations across the world. Interestingly, old-fashioned SQL injection attacks remained the third most popular vulnerability..."

https://betanews.com/2018/05/14/cry...ign=Feed - bn - BetaNews Latest News Articles

Log in or Sign up

Cryptocurrency miners target web servers with malware

itman Registered Member

Sampei Nihira Registered Member

hawki Registered Member

Minimalist Registered Member

itman Registered Member

Minimalist Registered Member

Minimalist Registered Member

hawki Registered Member

Log in or Sign up

Cryptocurrency miners target web servers with malware

itman Registered Member

Sampei Nihira Registered Member

hawki Registered Member

Minimalist Registered Member

itman Registered Member

Minimalist Registered Member

Minimalist Registered Member

hawki Registered Member

Useful Searches