This Monero malware targets corporate networks
In a report, the cybersecurity firm Sophos, which today has more than 500,000 customers, announced today that a new variant of the cryptocurrency miner Tor2Mine is infecting corporate networks.
Sean Gallagher, Sophos threat researcher and author of the report, said:
“All the miners we’ve seen lately are mining XMR.”
According to Gallagher, the malware looks for vulnerabilities in a network, usually in the form of a system that does not yet have security functions such as anti-virus and anti-malware software, or that has them but has not yet been updated. Once installed on a server or computer, the malware looks for other systems on which to install the miner for maximum profit.
Two variants of the Tor2Mine miner dig deep into networks with PowerShell, VBScript
Using remote scripts and code, a variant can even run filelessly until it receives administrative credentials …
– SophosLabs (@SophosLabs) December 2, 2021
“Two Tor2Mine miners dig into the network with PowerShell, VBScript. With the help of remote scripts and code, a variant can even be executed without the need for files on the computer system until an administrator login is obtained.”
Hacking remains a real problem for DAO and DeFi projects, which are often more vulnerable to attack than smart contracts. Recently, BadgerDAO was hacked and lost $120 million in a front-end exploit, as Bitcoin Magazine reported.
Gallagher said in the press release:
“Once embedded in the network, it is very difficult to eradicate without the support of endpoint protection software and other anti-malware measures. Since it is spreading from the original point of attack, it cannot be eliminated simply by patching and cleaning up a system. The software will try to spread to other systems in the network, even if the command-and-control server for the miners is blocked or goes offline.”
In other words, Tor2Mine quickly spreads to every other system on the network and installs the cryptocurrency miner wherever it can, and it cannot be easily removed.
Because this approach generates less revenue than other attacks such as ransomware, the malware must spread to as many systems as possible for the attack to be worthwhile.
According to Gallagher, signs that a system is infected are unusually high use of computing power, reduced performance and above-average electricity bills, just as with cryptocurrency mining.
XMR is popular with cyber criminals because of features that make it much more difficult to trace than Bitcoin and ETH. Monero wallet addresses and transactions are difficult to track because of the use of ring signatures and stealth addresses, which hide the identity of both the sender and the recipient.
Sophos recommends patching vulnerabilities in Internet-facing systems such as web applications, VPN services and email servers, and installing anti-malware products to limit the chance of becoming a victim.
While Sophos has its own products, Gallagher suggests several forms of defense:
“Any antivirus is better than none.”