Official Monero Site Hacked to Distribute Cryptocurrency Stealing Malware

Posted by & filed under Security Alerts.

Someone hacked the official website of the Monero cryptocurrency project and quietly replaced legitimate Linux and Windows binaries available for download with malicious versions designed to steal funds from users’ wallets. The latest supply-chain cyberattack was revealed on Monday after a Monero user spotted that the cryptographic hash for binaries he downloaded from the official site didn’t match…

Fake WordPress Plugin Comes with Cryptocurrency Mining Function

Posted by & filed under Security Alerts.

Malicious plugins for WordPress websites are being used not just to maintain access on the compromised server but also to mine for cryptocurrency. Researchers at website security company Sucuri noticed the number of malicious plugins increase over the past months. The components are clones of legitimate software, altered for nefarious purposes. Normally, these fake plugins…

Android Malware Bypasses 2FA by Stealing One-Time Passwords

Posted by & filed under Security Alerts.

Researchers monitoring malware that affects Android devices discovered malicious apps that can steal one-time passwords (OTP) from the notification system. This development bypasses Google’s ban on apps that access SMS and call logs without justification. Google enforced the restriction earlier this year specifically to lower the risk of sensitive permissions where they are not necessary. In theory,…

Cybercriminals Competing for Cryptocurrency Mining Foothold

Posted by & filed under Security News.

The Pacha Group is a threat actor discovered by Intezer and profiled in a blog post published on February 28, 2019. Dating back to September 2018, the Pacha Group has deployed undetected crypto-mining malware to infiltrate Linux servers and mine cryptocurrency without user permissions. One of the more notable observations discerned by Intezer researchers was the…

[TA] Pacha Group Competing against Rocke Group for Cryptocurrency Mining Foothold on the Cloud

Posted by & filed under Security Alerts.

Pacha Group is a crypto-mining threat actor we at Intezer discovered and profiled in a blog post published on February 28, 2019. This threat actor targeted Linux servers dating back to September 2018 and implemented advanced evasion and persistence techniques. We have continued to monitor this threat actor and new findings show that Pacha Group…