BSV
$54.4
Vol 32.33m
-3.85%
BTC
$96976
Vol 46930.75m
-1.66%
BCH
$459.3
Vol 366.96m
-2.27%
LTC
$102.13
Vol 907.12m
-1.1%
DOGE
$0.32
Vol 5744.32m
-5.27%
Getting your Trinity Audio player ready...

Cybersecurity researchers have uncovered a new digital currency mining worm which specifically targets Amazon Web Services (AWS) credentials, in what is believed to be a first of its kind threat.

In a new report, cybersecurity firm Cado Security described the attack as “unsophisticated,” having only raised $300 according to blockchain data.

However, the report highlighted the unusual functionality, specifically targeting AWS credentials, which could inspire a new generation of hackers intent on using stolen resources for block reward mining.

Cado Security said this reflects a broader trend of hackers moving towards attacking cloud and container environments, as more companies and other organizations move to cloud based services.

Known as TeamTNT, the hacking group recycled code from another worm, Kinsing, which has been used to attack Alibaba Cloud Security tools. According to the report, this technique could now see future hackers copying TeamTNT code, which would mean the prevalence of AWS facing attacks will likely increase over time.

As has become common for mining attacks of this type, the TeamTNT worm uses XMRig to mine for Monero. By harvesting cloud resources from victims, the hackers were intent on powering their mining operation from hacked resources, allowing them to profit from Monero mining on a mass scale.

Research into the MoneroOcean mining pool revealed 119 compromised systems that had been successfully attacked by the hack so far.

The mining attacks can be described as a form of cryptojacking, one of the fastest growing forms of online cybercrime. Cryptojacking attacks effectively steal processing power from unsuspecting victims, which the hackers use to run crypto mining scripts to their own benefit.

As a result, these types of hacks often fly under the radar of detection, especially in organizations without the technical expertise to understand the nature of threat.

Recommended for you

Google unveils ‘Willow’; Bernstein downplays quantum threat to Bitcoin
Google claims that Willow can eliminate common errors associated with quantum computing, while Bernstein analysts noted that Willow’s 105 qubits...
December 18, 2024
WhatsOnChain adds support for 1Sat Ordinals with new API set
WhatsOnChain now supports the 1Sat Ordinals with a set of APIs in beta testing; with this new development, developers can...
December 13, 2024
Advertisement
Advertisement
Advertisement