Keeping Knowledge Free for Over a Decade

Cryptominer malwares in RIG EK spread via malvertising

posted onJanuary 11, 2018

by l33tdawg

https://media.scmagazine.com/images/2016/12/20/cryptocurrency_1120636.jpg?format=jpg&zoom=1&quality=70&anchor=middlecenter&mode=pad

Credit: https://media.scmagazine.com/images/2016/12/20/cryptocurrency_1120636.jpg?format=jpg&zoom=1&quality=70&anchor=middlecenter&mode=pad

Malwarebytes researcher Jerome Segura analyzed a RIG exploit campaign distributing malware coin miners delivered via drive-by download attacks from malvertising.

Around November 2017, Segura began noticing exploit kits containing larger-than-usual payloads carrying one or more cryptominers for Monero and other popular currencies such as Bytecoin and Electroneum, according to a Jan. 9 blog post.

In the Ngay campaign, researchers noticed various redirection techniques to download the RIG EK to infect users with processes that will mine multiple cryptocurrencies in a single attack.

Source

Tags

Security

previous article

You May Also Like

Recent News

Friday, May 10th

Boeing Confirms Lockbit Hackers Wanted $200 Million Ransom After 2023 Hack

Dell discloses data breach of customers’ physical addresses

Poland says it was targeted by Russian military intelligence hackers

Leaked FBI email stresses need for warrantless surveillance of Americans

Stack Overflow users sabotage their posts after OpenAI deal

Fedora Asahi Remix 40 is another big step forward for Linux on Apple Silicon Macs

6 Practical Tips for Using Anthropic's Claude Chatbot

Thursday, May 9th

OpenAI Is ‘Exploring’ How to Responsibly Generate AI Porn

Dell responds to return-to-office resistance with VPN, badge tracking

Hands-on with the new iPad Pros and Airs: A surprisingly refreshing refresh

Wednesday, May 8th

Chinese Hackers Deployed Backdoor Quintet to Down MITRE

Apple announces M4 with more CPU cores and AI focus

Boeing says workers skipped required tests on 787 but recorded work as completed

Ransomware mastermind LockBitSupp has been ID’d

OpenAI’s flawed plan to flag deepfakes ahead of 2024 elections

Tuesday, May 7th

Indian police adopt facial recognition despite risk of massive data breaches

Cybersecurity Workforce Sustainability Has a Problem

New Cuckoo macOS malware can take over all Macs and steals your passwords too

Apple’s iPhone Spyware Problem Is Getting Worse

Tesla announces fourth round of layoffs in four weeks

New Microsoft AI model may challenge GPT-4 and Google Gemini

Novel attack against virtually all VPN apps neuters their entire purpose

Hackers discover how to reprogram NES Tetris from within the game

Monday, May 6th

NASA hasn’t landed on the Moon in decades—China just sent its third in six years

Counterfeit Cisco gear ended up in US military bases, used in combat operations

Microsoft plans to lock down Windows DNS like never before. Here’s how.

These dangerous scammers don’t even bother to hide their crimes

Friday, May 3rd

Iranian state-backed cyber spies continue to impersonate media brands, think tanks

Malware attacks on Docker Hub spread millions of malicious repositories

Want to Buy a Decommissioned Supercomputer? Here’s Your Chance

Maximum-severity GitLab flaw allowing account hijacking under active exploitation

Would You Still Use Google if It Didn't Pay Apple $20 Billion to Get on Your iPhone?

Thursday, May 2nd

Nvidia's flagship gaming GPU can crack complex passwords in under an hour

The US Government Is Asking Big Tech to Promise Better Cybersecurity

Email reveals Microsoft's rushed decision to invest in OpenAI