LemonDuck Cryptomining Botnet Hunting for Misconfigured Docker APIs

The LemonDuck cryptomining botnet previously targeted Microsoft Exchange servers. Now it is targeting the world’s leading containerization platform, Docker. According to the latest research from cybersecurity experts at CrowdStrike, the infamous…

Warez users fell for Certishell

Avast – Research of this malware family began when I found a malicious task starting PowerShell code directly from a registry key within our user base. I wasn’t…

TeamTNT targeting AWS, Alibaba

Written by Darin Smith. Summary: TeamTNT modified their scripts after they were made public by security researchers. TeamTNT scripts primarily target AWS, but can also run in on-premise, container, or…

Threat Spotlight: “Haskers Gang” Introduces New ZingoStealer

Update (04/14/22): Following the initial publication of this blog, we observed a new post in the Haskers Gang Telegram channel announcing that ownership of the ZingoStealer project is being transferred…

New CoinStomp cryptomining malware targeting cloud services

According to researchers, the new CoinStomp malware is mainly targeting cloud service providers based in Asia. IT security researchers at Cado Security, based in London, United Kingdom, have revealed details of…

Toss a Coin to your Helper (Part 2 of 2)

Avast – In the first posting of this series, we looked at a clipboard stealer belonging to the MyKings botnet. In this second part of the blog series,…

Cryptomining Malware Targets Alibaba ECS Instances

Alibaba ECS (Elastic Computing Service) instances have become targets for attackers, who are actively hijacking them to deploy cryptomining malware. Cryptomining Malware Hijacks Alibaba ECS Instances: Details TrendMicro…

CISA warns of trojanized versions of JavaScript library’s NPM package

The warning comes days after three rogue packages, okhsa, klow, and klown, discovered by DevSecOps firm Sonatype, were removed from the NPM repository. On Friday, the US Cybersecurity and Infrastructure…

Crypto-mining Malware Targets Huawei Cloud

Cloud service providers such as Huawei Cloud are now being targeted by a new variant of an older crypto-mining malware. It is Linux-based, and its initial version started its activities…

Fake Cryptomining Apps Stole Over $350K From Android Users

Security Intelligence – Cryptomining has become a lucrative industry, growing more and more mainstream. Now, attackers are trying…