article thumbnail

UnityMiner targets unpatched QNAP NAS in cryptocurrency mining campaign

Security Affairs

Experts warn of ongoing attacks targeting QNAP network-attached storage (NAS) devices to abuse them in cryptocurrency mining. Researchers at 360Netlab are warning of a cryptocurrency malware campaign targeting unpatched QNAP network-attached storage (NAS) devices. The flaws affect QNAP NAS firmware versions prior to August 2020.

article thumbnail

New Triada Trojan comes preinstalled on Android devices

Security Affairs

The researchers speculate that threat actors behind this variant have compromised the supply chain, so stores may not even suspect that they are selling smartphones infected with Triada “The new version of the malware is distributed in the firmware of infected Android devices. It is located in the system framework.

Malware 121
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Experts show that is easy to hack Hardware-based Cryptocurrency Wallets

Security Affairs

A team of researchers demonstrated that cryptocurrency wallets Trezor and Ledger are vulnerable to several type of attacks. During the 35c3 conference held in Leipzig, Germany, the researchers Dmitry Nedospasov , Thomas Roth , ad Josh Datko demonstrated that cryptocurrency wallets Trezor and Ledger are vulnerable to several type of attacks.

article thumbnail

Pirated Windows 10 ISOs install clipper malware via EFI partitions

Bleeping Computer

Hackers are distributing Windows 10 using torrents that hide cryptocurrency hijackers in the EFI (Extensible Firmware Interface) partition to evade detection. [.]

Firmware 145
article thumbnail

Triada strikes back

SecureList

With time, the vulnerabilities were patched, and restrictions were added to the firmware. Attackers are leveraging this by embedding malicious software into Android device firmware. Attackers are now embedding a sophisticated multi-stage loader directly into device firmware. oat ) located in the same directory.

article thumbnail

Dovecat crypto-miner is targeting QNAP NAS devices

Security Affairs

QNAP is warning customers of a new piece of malware dubbed Dovecat that is targeting NAS devices to mine cryptocurrency. The malware was designed to abuse NAS resources and mine cryptocurrency. The malware targets QNAP NAS devices exposed online that use weak passwords. “QNAP Systems, Inc.

article thumbnail

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Security Affairs

Dragos experts investigated an infection of DirectLogic PLCs from Automation Direct, they performed reverse engineering of the password cracking tool and discovered it did not crack the password at all, rather, it exploited a vulnerability in the firmware to retrieve the password on command. ” reads the advisory published by Dragos.

Passwords 129