• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   cryptocurrency

Malicious Traffic in Port 7001 Surges as Cryptominers Target Patched 2017 Oracle WebLogic Vulnerability
  • Posted on:May 11, 2018 at 6:00 am
  • Posted in:Vulnerabilities
  • Author:
    Trend Micro
0

We observed a large spike in the number of devices scanning the internet for port 7001/TCP since April 27, 2018. Our analysis found that it’s increased activity was caused by cybercriminals engaging in cryptomining via exploiting CVE-2017-10271. The flaw is a patched Oracle WebLogic WLS-WSAT vulnerability that can allow remote attackers to execute arbitrary code on unpatched servers. This marks the second time attackers abused CVE-2017-10271 for cryptomining purposes this year. In February, the vulnerability was exploited to deliver 64-bit and 32-bit variants of an XMRig Monero miner.

Read More
Tags: cryptocurrencyOracle WebLogicvulnerability

Cryptocurrency-Mining Malware Targeting IoT, Being Offered in the Underground
  • Posted on:May 2, 2018 at 3:01 am
  • Posted in:Internet of Things, Malware
  • Author:
    Fernando Mercês (Senior Threat Researcher)
0

Crime follows the money, as the saying goes, and once again, cybercriminals have acted accordingly. The underground is flooded with so many offerings of cryptocurrency malware that it must be hard for the criminals themselves to determine which is best. This kind of malware, also known as cryptomalware, has a clear goal, which is to make money out of cryptocurrency transactions. This can be achieved through two different methods: stealing cryptocurrency and mining cryptocurrency on victims’ devices surreptitiously (without the victims noticing), a process also known as cryptojacking. In this post, we discuss how these two methods work, and see whether devices connected to the internet of things (IoT), which are relatively underpowered, are being targeted.

Read More
Tags: bitcoincryptocurrencycryptocurrency minercybercrimecybercriminal underground

FacexWorm Targets Cryptocurrency Trading Platforms, Abuses Facebook Messenger for Propagation
  • Posted on:April 30, 2018 at 6:03 am
  • Posted in:Bad Sites, Malware
  • Author:
    Joseph C Chen (Fraud Researcher)
0

Our Cyber Safety Solutions team identified a malicious Chrome extension we named FacexWorm, which uses a miscellany of techniques to target cryptocurrency trading platforms accessed on an affected browser and propagates via Facebook Messenger.

FacexWorm isn’t new. It was uncovered in August 2017, though its whys and hows were still unclear at the time. Last April 8, however, we noticed a spike in its activities that coincided with external reports of FacexWorm surfacing in Germany, Tunisia, Japan, Taiwan, South Korea, and Spain.

Read More
Tags: ChromecryptocurrencyFacebookFacexWormMessengermining

Cluster of Coins: How Machine Learning Detects Cryptocurrency-mining Malware
  • Posted on:March 26, 2018 at 5:00 am
  • Posted in:Malware
  • Author:
    Trend Micro
0

As new trends and developments in the malicious mining of cryptocurrency emerge, a smart and sustainable way of detecting these types of threats is swiftly becoming a cybersecurity necessity. By using Trend Micro Locality Sensitive Hashing (TLSH), a machine learning hash that is capable of identifying similar files, we were able to group together similar cryptocurrency-mining samples gathered from the wild. By grouping together samples based on their behavior and file types, detection of similar or modified malware becomes possible.

Read More
Tags: cryptocurrencymachine learning

Cryptocurrency-Mining Malware: 2018’s New Menace?
  • Posted on:February 28, 2018 at 2:09 am
  • Posted in:Exploits, Internet of Things, Malware
  • Author:
    Menard Osena (Senior Product Manager)
0

Will cryptocurrency-mining malware be the new ransomware? The popularity and increasing real-world significance of cryptocurrencies are also drawing cybercriminal attention — so much so that it appears to keep pace with ransomware’s infamy in the threat landscape. In fact, cryptocurrency mining was the most detected network event in devices connected to home routers in 2017.

What started out in mid-2011 as an afterthought to main payloads such as worms and backdoors has evolved into such an effective way to profit that even cyberespionage and ransomware operators, and organized hacking groups are joining the bandwagon.

Read More
Tags: Bitcoin Miningcryptocurrencycryptocurrency minerMinersMonero
Page 1 of 3123

Security Predictions for 2018

  • Attackers are banking on network vulnerabilities and inherent weaknesses to facilitate massive malware attacks, IoT hacks, and operational disruptions. The ever-shifting threats and increasingly expanding attack surface will challenge users and enterprises to catch up with their security.
    Read our security predictions for 2018.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • Legitimate Application AnyDesk Bundled with New Ransomware Variant
  • FacexWorm Targets Cryptocurrency Trading Platforms, Abuses Facebook Messenger for Propagation
  • Monero-Mining RETADUP Worm Goes Polymorphic, Gets an AutoHotKey Variant
  • New Phishing Scam uses AES Encryption and Goes After Apple IDs
  • Necurs Evolves to Evade Spam Detection via Internet Shortcut File

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.