Category Archives: crypto-mining

Hi ho, hi ho, off to cryptomine we go

Updates to Cryptocurrency/Crypto-mining News and Resources

Sophos: The Pirate Bay is plundering your CPU for cryptocash, again – “Popular file sharing site The Pirate Bay seems to have returned to its old tricks again by mining cryptocurrency in visitors’ browsers without telling them.” Graham Cluley: The Pirate Bay is cryptomining for Monero with your CPU again

The Hacker News: New Virus Decides If Your Computer Good for Mining or Ransomware – “Researchers at Russian security firm Kaspersky Labs have discovered a new variant of Rakhni ransomware family, which has now been upgraded to include cryptocurrency mining capability as well.”

The Register: Japanese cryptominer slapped with suspended sentence – “Said to have netted only £34…”

Sophos: Think that bitcoins and a VPN keep you anonymous? Think again… – “A security lapse by a VPN operator can therefore be very worrying news indeed, and that’s what popular online cybercurrency wallet service MyEtherWallet (MEW) is warning about right now…Hola is a free VPN that essentially shares out participating users’ browser connections out amongst the community in order to get around geoblocks.”

David Harley

Advertisements

June 29th AVIEN resource updates

Updates to Cryptocurrency/Crypto-mining News and Resources

FireEye: RIG Exploit Kit Delivering Monero Miner Via PROPagate Injection Technique

The Register: – How polite: Fun-bucks coin miners graciously ease off CPU pounding “…according to Johannes Ullrich, head of research at SANS, who today pointed out that malicious mining apps are scaling down activity and employing built-in encryption to make them harder for antivirus packages to detect.”

Updates to Meltdown/Spectre and other chip-related resources

Catalin Cimpanu for Bleeping Computer: Some Spectre In-Browser Mitigations Can Be Defeated “According to research published by Aleph Security … researchers were able to put together proof-of-concept code that retrieves sensitive data from a browser’s protected memory … their PoC bypassed Spectre mitigations and retrieved data from browsers such as Edge, Chrome, and Safari.” (But not Firefox, apparently.)

See also these anti-social media page updates.

David Harley

Facebook Facepalms, CubeYou and Cryptojacking on the Verge

Updates to Anti-Social Media 

Updates to Cryptocurrency/Crypto-mining News and Resources

David Harley

Resource updates: April 5th-7th 2018

Updates to Anti-Social Media 

Updates to Cryptocurrency/Crypto-mining News and Resources

Updates to Meltdown/Spectre – Related Resources

Only distantly related, but…

Updates to Specific Ransomware Families and Types

[3rd April 2018] Peter Kálnai and Anton Cherepanov for ESET: Lazarus KillDisks Central American casino – “The Lazarus Group gained notoriety especially after cyber-sabotage against Sony Pictures Entertainment in 2014. Fast forward to late 2017 and the group continues to deploy its malicious tools, including disk-wiping malware known as KillDisk, to attack a number of targets.”

Updates to Mac Virus

 

David Harley

Intel gives up and Microsoft tries again…

Updates to Meltdown/Spectre – Related Resources

[April 4 2018] John Leyden for The Register: Badmins: Magento shops brute-forced to scrape card deets and install cryptominers

April 2nd/3rd 2018 updates

Updates to Anti-Social Media 

[2nd April 2018] Facecrooks: Facebook Is Making Its Privacy Settings Easier To Find

[3rd April 2018] John Leyden for The Register: One solution to wreck privacy-hating websites: Flood them with bogus info using browser tools – Chad Loder is quoted as saying “The internet ought to “route around” known privacy abusers, shifting from passive blocking of cookies, host names, and scripts to a more active deception model. ” Lots of other useful commentary.

Updates to Cryptocurrency/Crypto-mining News and Resources

Updates to Mac Virus

‘Android action updates’

David Harley

AVIEN resource updates 31st March 2018

Updates to Anti-Social Media

 (HT to Mich Kabay for pointing out the Economist articles – NB there’s a limit on how many you can view without subscribing.)

Updates to Cryptocurrency/Crypto-mining News and Resources

Updates to Meltdown/Spectre – Related Resources

Updates to Mac Virus

(1) iOS

(2) Android

Updates to Anti-Malware Testing Blog

David Harley

Resources updates, 26 March 2018

Updates to Anti-Social Media

Updates to Specific Ransomware Families and Types

Updates to Cryptocurrency/Crypto-mining News and Resources

David Harley

22nd March Resources Update

Cryptocurrency/Crypto-mining News and Resources

Anti-Social Media

Mac Virus

13th March 2018 resources updates

(1) New section on Trend Micro Resources in Meltdown/Spectre – Related Resources

Trend Micro: Detecting Attacks that Exploit Meltdown and Spectre with Performance Counters
“We worked on a detection technique for attacks that exploit Meltdown and Spectre by utilizing performance counters available in Intel processors. They measure cache misses — the state where data that an application requests for processing is not found in the cache memory — that can be used to detect attacks that exploit Meltdown and Spectre.”

(2) Cryptocurrency/Crypto-mining News and Resources

David Harley