The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Most Trusted Cyber Security and Computer Security Analysis: mining software

Over 1,200 NPM Packages Found Involved in "CuteBoi" Cryptomining Campaign

Over 1,200 NPM Packages Found Involved in "CuteBoi" Cryptomining Campaign

July 07, 2022Ravie Lakshmanan
Researchers have disclosed what they say could be an attempt to kick-off a new large-scale cryptocurrency mining campaign targeting the NPM JavaScript package repository. The malicious activity, attributed to a software supply chain threat actor dubbed  CuteBoi , involves an array of 1,283 rogue modules that were published in an automated fashion from over 1,000 different user accounts. "This was done using automation which includes the ability to pass the NPM 2FA challenge," Israeli application security testing company Checkmarx  said . "This cluster of packages seems to be a part of an attacker experimenting at this point." All the released packages in question are said to harbor near-identical source code from an already existing package named eazyminer that's used to mine Monero by means of utilizing unused resources on web servers. One notable modification entails the URL to which the mined cryptocurrency should be sent, although installing the rogue
Hackers Exploiting Microsoft Servers to Mine Monero - Makes $63,000 In 3 Months

Hackers Exploiting Microsoft Servers to Mine Monero - Makes $63,000 In 3 Months

September 28, 2017Swati Khandelwal
Mining cryptocurrencies can be a costly investment as it takes a monstrous amount of computing power, and thus hackers have started using malware that steals computing resources of computers it hijacks to make lots of dollars in digital currency. Security researchers at security firm ESET have spotted one such malware that infected hundreds of Windows web servers with a malicious cryptocurrency miner and helped cybercriminals made more than $63,000 worth of Monero (XMR) in just three months. According to a report published by ESET today, cybercriminals only made modifications to legitimate open source Monero mining software and exploited a known vulnerability in Microsoft IIS 6.0 to secretly install the miner on unpatched Windows servers. Although ESET's investigation does not identify the attackers, it reports that the attackers have been infecting unpatched Windows web servers with the cryptocurrency miner since at least May 2017 to mine 'Monero,' a Bitcoin-like
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.