11-22-2024
BSV
$67.84
Vol 162.66m
-12.9%
BTC
$98813
Vol 108816.4m
1.49%
BCH
$494.68
Vol 1722.32m
-6.67%
LTC
$90.34
Vol 1322.73m
1.42%
DOGE
$0.39
Vol 9754.32m
2.38%
Getting your Trinity Audio player ready...

Cybersecurity researchers have uncovered a new digital currency mining worm which specifically targets Amazon Web Services (AWS) credentials, in what is believed to be a first of its kind threat.

In a new report, cybersecurity firm Cado Security described the attack as “unsophisticated,” having only raised $300 according to blockchain data.

However, the report highlighted the unusual functionality, specifically targeting AWS credentials, which could inspire a new generation of hackers intent on using stolen resources for block reward mining.

Cado Security said this reflects a broader trend of hackers moving towards attacking cloud and container environments, as more companies and other organizations move to cloud based services.

Known as TeamTNT, the hacking group recycled code from another worm, Kinsing, which has been used to attack Alibaba Cloud Security tools. According to the report, this technique could now see future hackers copying TeamTNT code, which would mean the prevalence of AWS facing attacks will likely increase over time.

As has become common for mining attacks of this type, the TeamTNT worm uses XMRig to mine for Monero. By harvesting cloud resources from victims, the hackers were intent on powering their mining operation from hacked resources, allowing them to profit from Monero mining on a mass scale.

Research into the MoneroOcean mining pool revealed 119 compromised systems that had been successfully attacked by the hack so far.

The mining attacks can be described as a form of cryptojacking, one of the fastest growing forms of online cybercrime. Cryptojacking attacks effectively steal processing power from unsuspecting victims, which the hackers use to run crypto mining scripts to their own benefit.

As a result, these types of hacks often fly under the radar of detection, especially in organizations without the technical expertise to understand the nature of threat.

Recommended for you

David Case gets technical with Bitcoin masterclass coding sessions
Whether you're a coding pro or a novice, David Case's livestream sessions on the X platform are not to be...
November 21, 2024
NY Supreme Court’s ruling saves BTC miner Greenidge from closing
However, the judge also ruled that Greenidge must reapply for the permit and that the Department of Environmental Conservation has...
November 20, 2024
Advertisement
Advertisement
Advertisement