Security researchers have discovered a new form of cryptocurrency miner that uses fileless malware to install itself on systems. The malware also removes other miners.
Cryptocurrency miners are seemingly working away under every rock on the internet, and with good reason: it's an almost guaranteed payday with a negligible chance of being discovered.
Researcher discovers coin miner that detects and switches off other miners, security tools or intense CPU processes.
Threat actors exploited the CVE-2017-10271 vulnerability, which allows remote code execution, to deliver both a 64-bit variant and a 32-bit variant of an XMRig Monero miner, according to a 26 February blog post.
The new Monero miner Smominru is active in the wild using the EternalBlue exploit to spread, according to a new report.
Security researchers recently observed an unknown threat actor attempting to deploy Monero cryptocurrency miner software to users' systems by leveraging Kaseya Ltd's Virtual Systems Administrator (VSA).
A newly discovered malicious URL redirection campaign that infects users with the XMRig Monero cryptocurrency miner has already victimised users between 15 and 30 million times, researchers have reported.
Cryptocurrency miners basically do what they do with little fanfare or attempts at obfuscation, but one group of miners has been seen using a technique that allows the malware to inject into 64-bit processes from 32-bit loaders.
Hackers have deployed brute force attacks on WordPress websites in order to turn them into cryptocurrency miners. A single botnet is thought to be behind the massive attack, which yielded almost £750,000 for criminals.