RateLimited°C
11-04-2024
BSV
$46.61
Vol 14.6m
-1.46%
BTC
$68912
Vol 38210.87m
0.88%
BCH
$339.89
Vol 247.82m
-0.38%
LTC
$67.05
Vol 348.53m
-0.37%
DOGE
$0.15
Vol 2713.22m
6.31%
Getting your Trinity Audio player ready...

Cybersecurity researchers have uncovered a new digital currency mining worm which specifically targets Amazon Web Services (AWS) credentials, in what is believed to be a first of its kind threat.

In a new report, cybersecurity firm Cado Security described the attack as “unsophisticated,” having only raised $300 according to blockchain data.

However, the report highlighted the unusual functionality, specifically targeting AWS credentials, which could inspire a new generation of hackers intent on using stolen resources for block reward mining.

Cado Security said this reflects a broader trend of hackers moving towards attacking cloud and container environments, as more companies and other organizations move to cloud based services.

Known as TeamTNT, the hacking group recycled code from another worm, Kinsing, which has been used to attack Alibaba Cloud Security tools. According to the report, this technique could now see future hackers copying TeamTNT code, which would mean the prevalence of AWS facing attacks will likely increase over time.

As has become common for mining attacks of this type, the TeamTNT worm uses XMRig to mine for Monero. By harvesting cloud resources from victims, the hackers were intent on powering their mining operation from hacked resources, allowing them to profit from Monero mining on a mass scale.

Research into the MoneroOcean mining pool revealed 119 compromised systems that had been successfully attacked by the hack so far.

The mining attacks can be described as a form of cryptojacking, one of the fastest growing forms of online cybercrime. Cryptojacking attacks effectively steal processing power from unsuspecting victims, which the hackers use to run crypto mining scripts to their own benefit.

As a result, these types of hacks often fly under the radar of detection, especially in organizations without the technical expertise to understand the nature of threat.

Recommended for you

BSV Association joins OnlyDust’s developer event sponsor list
OnlyDust is a network for open-source developers working with blockchain and decentralized projects; its purpose is to connect contributors, maintainers,...
October 23, 2024
How Teranode will leave the competition in the dust
As we enter 2025, other blockchain networks that touted themselves as the future of scalability will find themselves behind BSV...
October 22, 2024
Advertisement
Advertisement
Advertisement