
Chinese-speaking cybercrime gang Rocke changes tactics

Security Affairs

Chinese-speaking cybercrime gang Rocke, which carried out several large-scale cryptomining campaigns in the past, is now using new tactics to evade detection. Pierluigi Paganini.


New XBash malware combines features from ransomware, cryptocurrency miners, botnets, and worms

Security Affairs

Palo Alto Networks researchers discovered a new malware, tracked as XBash, that combines features from ransomware, cryptocurrency miners, botnets, and worms. The malicious code combines features from different families of malware such as ransomware, cryptocurrency miners, botnets, and worms. ” continues the analysis.


Feds Charge Three in Mass Seizure of Attack-for-hire Services

Krebs on Security

Booter sites are dangerous because they help lower the barriers to cybercrime, allowing even complete novices to launch sophisticated and crippling attacks with the click of a button. ” In such assaults, the perpetrators leverage unmanaged Domain Name Servers (DNS) or other devices on the Web to create huge traffic floods.

DNS 182

TA505 Group adds new ServHelper Backdoor and FlawedGrace RAT to its arsenal

Security Affairs

“In November 2018, TA505, a prolific actor that has been at the forefront of this trend, began distributing a new backdoor we named “ServHelper”. “On December 13, 2018, we observed another large ServHelper “downloader” campaign targeting retail and financial services customers.” (SecurityAffairs – TA505, cybercrime).

Malware 91

Ramnit is back and contributes in creating a massive proxy botnet, tracked as ‘Black’ botnet

Security Affairs

DDoS attacks, ransomware-based campaigns, cryptocurrency mining campaigns). “This C&C server has actually been active since 6th March 2018 but didn’t attract attention because of the low capacity of the “black” botnet at that time. Malware actor publishes the address of the Bot-A in DNS (or using any other public channel).

Malware 47

IT threat evolution in Q2 2023

SecureList

While investigating an infection of a cryptocurrency company in Southeast Asia, we found Gopuram coexisting on target computers with AppleJeus, a backdoor attributed to the Lazarus. The threat actor specifically targeted cryptocurrency companies. We observed that they have a specific interest in cryptocurrency companies.

Malware 73

DDoS attacks in Q4 2020

SecureList

The DTLS (Datagram Transport Layer Security) protocol is used to establish secure connections over UDP, through which most DNS queries, as well as audio and video traffic, are sent. While the resource was down, cryptocurrency newbies were invited to download a copy of Bitcoin Core via a torrenting service.

DDOS 129