The Updated Fodcha Botnet Reaches a Capacity of 1 Tb / s and Demands a Ransom Directly in DDoS Packets

Qihoo 360 (360 Netlab) experts have warned about the emergence of an updated version of the Fodcha botnet, which embeds ransom demands directly into DDoS packets and has new infrastructure hiding functionality. Let me remind you that the Fodcha botnet was discovered in the spring of this year, and even experts reported that the threat… Continue reading The Updated Fodcha Botnet Reaches a Capacity of 1 Tb / s and Demands a Ransom Directly in DDoS Packets

Microsoft warns of mining attacks on Kubernetes clusters

Microsoft has warned of ongoing attacks on Kubernetes clusters running Kubeflow (an open source project that allows running super powerful machine learning computing on top of Kubernetes clusters). Criminals use them to deploy malicious containers that mine Monero and Ethereum cryptocurrencies. Researchers say the attacks appear to be a continuation of a campaign that was… Continue reading Microsoft warns of mining attacks on Kubernetes clusters

PgMiner botnet attacks poorly protected PostgreSQL DBs

Palo Alto Networks has discovered the PgMiner botnet, which attacks and breaks into poorly protected PostgreSQL DBs in order to install miners. A new Linux-based cryptocurrency mining botnet exploits PostgreSQL’s Remote Code Execution (RCE) vulnerability, which compromises cryptojacking database servers. Cryptojacking (or simply malicious coin mining) is a common way for malware authors to monetize… Continue reading PgMiner botnet attacks poorly protected PostgreSQL DBs

Bughunter stole a Monero exploit from another cybersecurity specialist and received a reward for it

Bleeping Computer reporters drew attention to an interesting case that occurred as part of the bug bounty of the Monero program on HackerOne. Bughunter stole a Monero vulnerability exploit discovered by another person and received a reward. The publication notes that bug hunting is not just a good cause that benefits the community, but also… Continue reading Bughunter stole a Monero exploit from another cybersecurity specialist and received a reward for it

Prometei botnet uses SMB for distribution

Cisco Talos has discovered a new botnet, Prometei, which was active since March 2020 and focused on mining the Monero (XMR) cryptocurrency. The researchers note that the Prometei botnet intensively uses the SMB protocol for distribution. The malware mainly attacks users from the USA, Brazil, Pakistan, China, Mexico and Chile. During four months of activity,… Continue reading Prometei botnet uses SMB for distribution

Lucifer malware uses many exploits, is engaged in mining and DDoS attacks

Palo Alto Networks experts have prepared a report on Lucifer malware, which uses many exploits and, according to experts, “wreaks havoc” on Windows hosts. It is noted that the authors of the malware themselves named their brainchild Satan DDoS, but information security experts call it Lucifer to distinguish it from the Satan cryptographer. The Lucifer… Continue reading Lucifer malware uses many exploits, is engaged in mining and DDoS attacks