Cryptomining stories

The 2022 Sysdig Cloud Native Threat Report breaks down supply chain attacks against containers and how geopolitical conflict influences attacker behaviours.

It appears the mass FOMO around crypto investing may be wearing thin with new data revealing a noticeable drop in crypto app downloads this year.

Sophos has provided new threat intelligence following the reporting of the Apache Log4Shell vulnerability.

Sophos has released new findings on the Tor2Mine cryptominer that show how the miner evades detection, spreads automatically through a target network, and is increasingly harder to remove from an infected system.

"We are looking at yet another rapidly compiled, opportunistic and possibly experimental attack."

Bitcoin's escalating valuation has made some criminal organisations and malicious individuals very wealthy. The impact of this growth in wealth may have a severe impact on the future threat landscape.

The cryptominer was recently discovered when attackers targeted internet-facing database servers (SQL servers), and the MrbMiner was downloaded and installed.

According to Kaspersky's latest report, the global cybersecurity company has detected 1,726,799 mining attempts in the first half of this year targeting SMBs in SEA.

The malware, primarily targeting victims in Czechia and Slovakia, prioritises subterfuge through deployment of multiple techniques to avoid detection, and leans heavily on the Tor network and BitTorrent protocol to achieve its goals.

The botnet, called Necurs, gained control of the computers using malware and used them to commit crimes remotely.

28% of all organisations worldwide were impacted by malicious multi-purpose botnets, while the rise of 20% of incident response cases were targeted ransomware attack.

Attackers could theoretically pull in an estimated $1.6 million annually by leveraging this attack model, which began about two years ago.

The incidence of cryptojacking has seen rapid growth and has emerged as a favourite strategy for hackers.

Threat actors are quick to try and exploit new vulnerabilities when they emerge, before organisations have had the chance to patch them.

Large-scale cryptojacking is a lucrative business due to the popularity and value of cryptocurrencies like Bitcoin and Ethereum.

The report found that ransomware is seeing a 325% increase from previous year, and is the fourth-most detected threat against businesses in APAC.

Compromised enterprise networks from unpatched vulnerabilities and bad security hygiene continued to be fertile ground for hackers in 2018.

To be successful and remain undetected, shadow mining depends on deliberately configuring security systems to function incorrectly.

“As cyberattacks continue to increase in frequency and sophistication, understanding prevalent cyberthreats and how to limit their impact has become an imperative.”

ESET’s Security Days Conference recently took place to go over the current threat environment and what to look out for next.

Check Point’s researchers confirm Coinhive holds the top position in February's Top Malware index for fifteenth successive month before it shut down, while GandCrab distribution campaigns increase.

Social media platforms contain up to 20% more methods by which malware can be delivered to users – e.g. through adverts, shares, plug-ins – than comparable sources.

The report found that more than half of cybercriminal attacks pivot away from malware-based attacks.

A recent report found that almost half of the organisations surveyed have malware in one of their cloud applications.