Latest cryptojacking News

The U.S. Department of Justice (DOJ) has unveiled charges against five Chinese nationals for their roles in a cybercriminal ring that targeted at least 100 companies globally. The five are alleged to have engaged in cryptojacking, stolen source code, accessed customer account data and more.

In the indictments announced on September 16, the DoJ alleged that the five defendants engaged in computer intrusions that affected several companies in the United States and beyond. They included software development companies, telecommunications providers, computer hardware manufacturers, social media platforms, universities, video game companies and more.

The hackers allegedly stole critical data from their victims, including source code, customer account data, software code signing certificates and more.

“These intrusions also facilitated the defendants’ other criminal schemes, including ransomware and ‘crypto-jacking’ schemes, the latter of which refers to the group’s unauthorized use of victim computers to ‘mine’ cryptocurrency,” the DoJ alleged.

The Justice Department also revealed that two Malaysian businessmen who had conspired with the Chinese hackers had been arrested. A federal grand jury in Washington D.C. had returned an indictment charging the two with colluding with the hackers and profiting from their crimes. Following a warrant for their arrest issued by a District of Columbia court, Malaysian authorities had arrested them in Sitiawan.

The Chinese hackers are still at large, with the U.S. government accusing China of protecting cybercriminals.

“Regrettably, the Chinese communist party has chosen a different path of making China safe for cybercriminals so long as they attack computers outside China and steal intellectual property helpful to China,” Deputy Attorney General Jeffrey Rosen alleged.

The indictment charged Zhang Haoran and Tan Dailin with 25 counts of conspiracy, aggravated identity theft, money laundering, wire fraud and violating the Computer Fraud and Abuse Act. If convicted of their charges, they face over 80 years behind bars.

The other three, Qian Chuan, Jiang Lizhi and Fu Qiang, face charges of money laundering, racketeering, access device fraud and conspiracy to violate the CFAA, among others. They face up to 70 years in prison if convicted of their charges.

For the two Malaysian businessmen, the DoJ charged them with racketeering, intentional damage to a protected computer, access device fraud and aggravated identity theft.

The DoJ has continued to crack down on digital currency crime in recent months. Earlier this week, it unveiled charges against two Russian citizens whom it claims coordinated a sophisticated phishing attack targeting three digital currency exchanges and over 100 users. In August, it seized 300 digital currency wallets it claimed were used to fund terrorist activities.

Business 21 September 2020

5 Chinese hackers face cryptojacking, wire fraud charges in US

Prosecutors said the five defendants engaged in computer intrusions that affected several companies in the United States and beyond.

Cybersecurity researchers have uncovered a new digital currency mining worm which specifically targets Amazon Web Services (AWS) credentials, in what is believed to be a first-of-its-kind threat.

In a new report, cybersecurity firm Cado Security described the attack as “unsophisticated,” having only raised $300 according to blockchain data.

However, the report highlighted the unusual functionality, specifically targeting AWS credentials, which could inspire a new generation of hackers intent on using stolen resources for block reward mining.

Cado Security said this reflects a broader trend of hackers moving towards attacking cloud and container environments, as more companies and other organizations move to cloud-based services.

Known as TeamTNT, the hacking group recycled code from another worm, Kinsing, which has been used to attack Alibaba Cloud Security tools. According to the report, this technique could now see future hackers copying TeamTNT code, which would mean the prevalence of AWS-facing attacks will likely increase over time.

As has become common for mining attacks of this type, the TeamTNT worm uses XMRig to mine for Monero. By harvesting cloud resources from victims, the hackers were intent on powering their mining operation from hacked resources, allowing them to profit from Monero mining on a mass scale.

Research into the MoneroOcean mining pool revealed 119 compromised systems that had been successfully attacked by the hack so far.

The mining attacks can be described as a form of cryptojacking, one of the fastest growing forms of online cybercrime. Cryptojacking attacks effectively steal processing power from unsuspecting victims, which the hackers use to run crypto mining scripts to their own benefit.

As a result, these types of hacks often fly under the radar of detection, especially in organizations without the technical expertise to understand the nature of the threat.

Tech 21 August 2020

Digital currency mining worm targets AWS credentials: researchers

Cado Security described the attack as “unsophisticated,” having only raised $300 according to blockchain data.
