    Celebs are the latest tool for cryptocurrency attacks

    Researchers have released a report on a new crypto-mining botnet that uses seemingly harmless content, such as JPEG images of Taylor Swift, as bait. The botnet, called MyKings, has been active since 2016, according to a press release from SophosLabs. The actors behind MyKings are said to have added bootkit functionality to the malware, making it more difficult to detect and remove.

    People seem to like celebrities. Cryptocurrency hackers apparently share that good opinion of famous people: in a recent case, hackers used images of the famous pop singer Taylor Swift to hide malicious code.

    MyKings Has Already Raised 3 Million Dollars

    The SophosLabs report provides a comprehensive overview of the operation of the botnet, which it characterizes as a relentlessly redundant attacker. It mainly attacks Windows-based services, such as database management systems like MySQL, network protocols such as Telnet, and servers for surveillance cameras. As the report notes, the creators of the botnet appear to prefer open source or other public domain software and have a high level of expertise in adapting and improving the source code. As a result, they can integrate individual components for carrying out attacks and for running automated update processes.

    The botnet performs a series of attacks on a server to install executable malware, often a Trojan, which has proven to be the most common payload on infected servers. This Trojan is used to operate various crypto miners on the target hardware. SophosLabs estimates that botnet operators have made approximately 3 million dollars so far.

    Hidden Executable File That Automatically Updates The Botnet When It Is Downloaded

    An imperceptibly altered image of the pop star Taylor Swift was uploaded to a public repository as a JPG photo together with a hidden executable file that automatically updates the botnet when it is downloaded. Investigations show how sophisticated the MyKings persistence mechanism is: it keeps the infection alive through aggressive repetition and self-updating procedures with multiple command combinations.
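A defender can check a downloaded image for this kind of hidden executable. The following is an added example, not code from SophosLabs or the original article; it assumes the executable is stored after the end of the JPEG image data, and the function names and the sample bytes are constructed for illustration.

```python
SCAN_OK = {0x00, *range(0xD0, 0xD8)}   # FF00 stuffing and RSTn are not segment markers

def jpeg_end(data: bytes) -> int:
    """Offset just past EOI; walks segments so FFD9 inside metadata is not mistaken for EOI."""
    if data[:2] != b"\xff\xd8":
        raise ValueError("not a JPEG (missing SOI)")
    i = 2
    while i + 1 < len(data):
        if data[i] != 0xFF:
            raise ValueError(f"expected marker at offset {i}")
        marker = data[i + 1]
        if marker == 0xFF:                              # fill byte before a marker
            i += 1
        elif marker == 0xD9:                            # EOI: image ends here
            return i + 2
        elif marker == 0x01 or 0xD0 <= marker <= 0xD7:  # markers without a length field
            i += 2
        else:
            i += 2 + int.from_bytes(data[i + 2:i + 4], "big")
            if marker == 0xDA:                          # SOS: skip entropy-coded scan data
                while i + 1 < len(data) and (data[i] != 0xFF or data[i + 1] in SCAN_OK):
                    i += 1
    raise ValueError("truncated JPEG (no EOI)")

def find_pe(blob: bytes) -> list:
    """Offsets in blob where an MZ header points at a valid PE signature."""
    hits, pos = [], blob.find(b"MZ")
    while pos != -1:
        e_lfanew = int.from_bytes(blob[pos + 0x3C:pos + 0x40], "little")
        if blob[pos + e_lfanew:pos + e_lfanew + 4] == b"PE\0\0":
            hits.append(pos)
        pos = blob.find(b"MZ", pos + 1)
    return hits

def inspect_jpeg(data: bytes) -> dict:
    """Report how many bytes follow the image and where PE images start in them."""
    end = jpeg_end(data)
    return {"image_bytes": end, "trailing_bytes": len(data) - end,
            "pe_offsets": [end + off for off in find_pe(data[end:])]}

def build_sample(with_payload: bool) -> bytes:
    """Constructed test input: tiny JPEG skeleton, optionally followed by a fake PE stub."""
    app1 = b"\xff\xe1\x00\x08Ex\xff\xd9if"               # metadata that contains FFD9
    sos = b"\xff\xda\x00\x03\x00" + b"\x12\xff\x00\x34"  # scan header + stuffed scan data
    stub = b"MZ" + b"\0" * 0x3A + (0x40).to_bytes(4, "little") + b"PE\0\0"
    return b"\xff\xd8" + app1 + sos + b"\xff\xd9" + (stub if with_payload else b"")
```

Any non-zero `trailing_bytes` on an image fetched by a server is worth a closer look; a populated `pe_offsets` list means a Windows executable header follows the picture.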
