Prometei botnet attacks vulnerable Microsoft Exchange servers

Because the patches for the ProxyLogon vulnerabilities are still not installed, cybercriminals continue their activity: for example, the updated Prometei botnet attacks vulnerable Microsoft Exchange servers. Researchers from Cybereason Nocturnus discovered the Prometei malware, which mines Monero cryptocurrency on vulnerable machines. In early March 2021, Microsoft engineers released unscheduled patches for four vulnerabilities in the Exchange mail…

Prometei botnet uses SMB for distribution

Cisco Talos has discovered a new botnet, Prometei, which has been active since March 2020 and is focused on mining the Monero (XMR) cryptocurrency. The researchers note that the Prometei botnet makes intensive use of the SMB protocol for distribution. The malware mainly attacks users in the USA, Brazil, Pakistan, China, Mexico and Chile. During four months of activity,…