#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

mining cryptocurrency | Breaking Cybersecurity News | The Hacker News

The Pirate Bay Caught Running Browser-Based Cryptocurrency Miner

The Pirate Bay Caught Running Browser-Based Cryptocurrency Miner
Sep 19, 2017
The world's popular torrent download website, The Pirate Bay , has again been in a new controversy—this time over secretly planting an in-browser cryptocurrency miner on its website that utilizes its visitors' CPU processing power in order to mine digital currencies. The Pirate Bay is the most popular and most visited file-sharing website predominantly used to share copyrighted material free of charge. The site has usually been in the news for copyright infringement by movie studios, music producers and software creators. The Pirate Bay has recently been caught generating revenue by secretly utilizing CPU power of its millions of visitors to mine a Bitcoin alternative called Monero without their knowledge. The modern Internet depends on advertising revenue to survive, which apparently sometimes spoils users' experience. But The Pirate Bay is trying to choose a different approach. Visitors to the Pirate Bay recently discovered a JavaScript-based cryptocurrency mine

CowerSnail — Windows Backdoor from the Creators of SambaCry Linux Malware

CowerSnail — Windows Backdoor from the Creators of SambaCry Linux Malware
Jul 27, 2017
Last month, we reported about a group of hackers exploiting SambaCry —a 7-year-old critical remote code execution vulnerability in Samba networking software—to hack Linux computers and install malware to mine cryptocurrencies. The same group of hackers is now targeting Windows machines with a new backdoor, which is a QT-based re-compiled version of the same malware used to target Linux. Dubbed CowerSnail , detected by security researchers at Kaspersky Labs as Backdoor.Win32.CowerSnail, is a fully-featured windows backdoor that allows its creators to remotely execute any commands on the infected systems. Wondering how these two separate campaigns are connected? Interestingly, the CowerSnail backdoor uses the same command and control (C&C) server as the malware that was used to infect Linux machines to mine cryptocurrency last month by exploiting the then-recently exposed SambaCry vulnerability. Common C&C Server Location — cl.ezreal.space:20480 SambaCry vulnerabi

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl
Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte

Warning! Hackers Started Using "SambaCry Flaw" to Hack Linux Systems

Warning! Hackers Started Using "SambaCry Flaw" to Hack Linux Systems
Jun 10, 2017
Remember SambaCry ? Two weeks ago we reported about a 7-year-old critical remote code execution vulnerability in Samba networking software (re-implementation of SMB networking protocol) that allows a remote hacker to take full control of a vulnerable Linux and Unix machines. To know more about the SambaCry vulnerability (CVE-2017-7494) and how it works, you can read our previous article . At that time, nearly 485,000 Samba-enabled computers were found to be exposed on the Internet, and researchers predicted that the SambaCry-based attacks also have potential to spread just like WannaCry ransomware widely. The prediction came out to be quite accurate, as honeypots set up by the team of researchers from Kaspersky Lab have captured a malware campaign that is exploiting SambaCry vulnerability to infect Linux computers with cryptocurrency mining software. Another security researcher, Omri Ben Bassat‏, independently discovered  the same campaign and named it "EternalMiner

Automated remediation solutions are crucial for security

cyber security
websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.

Creator of Bitcoin Mining Schemes faces $12 Million for Ponzi Scam

Creator of Bitcoin Mining Schemes faces $12 Million for Ponzi Scam
Jun 06, 2017
Every time a new topic trends on the Internet, scammers take advantage of it. You must have heard of Bitcoin and how in recent days it has made some early investors millionaire overnight. Yes, the Bitcoin boom is back, and it's real — a digital currency that has just crossed a new milestone today. The current price of 1 BTC or 1 Bitcoin = US$2,850. An American con man took advantage of this boom in Bitcoin market to run bogus bitcoin mining schemes and earn millions of dollars. But the bogus schemes ended as the United States Securities and Exchange Commission (SEC) has won a legal battle against two bogus, but now defunct, Bitcoin companies operated by Homero Joshua Garza — GAW Miners and ZenMiner. Garza is now facing a $12 Million (£9.2 Million) penalty for running the bogus schemes – what lawmakers have certified was a "Ponzi scheme." According to the SEC, Garza used the "lure of quick riches" in order to get people to invest in the bitcoin mi

Weeks Before WannaCry, Cryptocurrency Mining Botnet Was Using Windows SMB Exploit

Weeks Before WannaCry, Cryptocurrency Mining Botnet Was Using Windows SMB Exploit
May 16, 2017
A security researcher has just discovered a stealthy cryptocurrency-mining malware that was also using Windows SMB vulnerability at least two weeks before the outbreak of WannaCry ransomware attacks. According to Kafeine, a security researcher at Proofpoint , another group of cyber criminals was using the same EternalBlue exploit , created by the NSA and dumped last month by the Shadow Brokers, to infect hundreds of thousands of computers worldwide with a cryptocurrency mining malware called ' Adylkuzz .' This malicious campaign went unnoticed for weeks because unlike WannaCry , this malware does not install ransomware or notify victims, but instead, it quietly infects unpatched computers with malware that only mine ' Monero ,' a Bitcoin-like cryptocurrency. This Malware Saves Computers From Getting Hacked By WannaCry The Researcher believes Adylkuzz malware attack could be larger in scale than WannaCry ransomware attack because it has been designed to blo

An Army of Thousands of Hacked Servers Found Mining Cryptocurrencies

An Army of Thousands of Hacked Servers Found Mining Cryptocurrencies
May 05, 2017
A new botnet consisting of more than 15,000 compromised servers has been used to mine various cryptocurrencies, earning its master around $25,000 per month. Mining cryptocurrencies can be a costly investment, as it requires an enormous amount of computing power, but cybercriminals have found an easy money-making solution. Dubbed BondNet, the botnet was first spotted in December 2016 by GuardiCore researchers, who traced back the botnet malware developer, using online handle Bond007.01, to China. According to the GuardiCore researchers, Bond007.01 is currently using BondNet for mining cryptocurrencies — primarily Monero, but also ByteCoin, RieCoin, and ZCash — but they warn that the hacker could easily take full control of compromised servers for malicious purposes, like mounting Mirai-style DDoS attacks. BondNet Attacks only Windows Server Machines Since mining cryptocurrencies require large amounts of CPU/GPU power, the botnet master goes after Windows Server machin
Cybersecurity Resources