New cryptojacking botnet uses SMB exploit to spread to Windows systems

Posted by & filed under Ειδοποιήσεις.

A new cryptojacking botnet is spreading across compromised networks via multiple methods that include the EternalBlue exploit for Windows Server Message Block (SMB) communication protocol. The attacker’s goal is to mine for Monero (XMR) cryptocurrency and enslave as many systems as possible for this task for increased profit. Complex campaign Researchers at Cisco Talos named… Read more »

Hackers Infect 50,000 MS-SQL and PHPMyAdmin Servers with Rootkit Malware

Posted by & filed under Ειδοποιήσεις.

Cyber Security researchers at Guardicore Labs today published a detailed report on a widespread cryptojacking campaign attacking Windows MS-SQL and PHPMyAdmin servers worldwide. Dubbed Nansh0u, the malicious campaign is reportedly being carried out by an APT-style Chinese hacking group who has already infected nearly 50,000 servers and are installing a sophisticated kernel-mode rootkit on compromised systems to prevent… Read more »