Windows tool targeted by hackers deploys crypto mining malware

  cointelegraph.com 12 m

Hackers have been using a Windows tool to drop cryptocurrency-mining malware since November 2021, according to an analysis from Cisco’s Talos Intelligence. The attacker exploits Windows Advanced Installer — an application that helps developers package other software installers, such as Adobe Illustrator — to execute malicious scripts on infected machines.

According to a Sept. 7 blog post, the software installers affected by the attack are mainly used for 3D modeling and graphic design. Additionally, most of the software installers used in the malware campaign are written in French. The findings suggest that the "victims are likely across business verticals, including architecture, engineering, construction, manufacturing, and entertainment in French language-dominant countries," explains the analysis.

The attacks predominantly affect users in France and Switzerland, with a few infections in other countries, including the United States, Canada, Algeria, Sweden, Germany, Tunisia, Madagascar, Singapore and Vietnam, the post notes, based on DNS request data sent to the attacker’s command and control (C2) host.

The illicit crypto mining campaign identified by Talos involves the deployment of malicious PowerShell and Windows batch scripts to execute commands and establish a backdoor on the victim’s machine. PowerShell in particular is known for running scripts in system memory rather than from the hard drive, which makes an attack harder to identify.

Example of a software installer packaged with malicious scripts using Advanced Installer. Source: Talos Intelligence.

Once the backdoor is installed, the attacker executes additional threats, such as the Ethereum crypto-mining program PhoenixMiner, and lolMiner, a multi-coin mining threat.

"These malicious scripts are executed using Advanced Installer’s Custom Action feature, which allows users to predefine custom installation tasks. The final payloads are PhoenixMiner and lolMiner, publicly available miners relying on computers’ GPU capabilities."

The use of crypto mining malware is known as cryptojacking, and involves installing crypto mining code on a device without the user’s knowledge or permission in order to illegally mine cryptocurrencies. Signs that mining malware may be running on a machine include overheating and poor device performance.
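For defenders, the chain described above (an installer custom action launching batch or PowerShell scripts, followed by PhoenixMiner or lolMiner) can be hunted in process-creation logs. The following is an added example, not code from Talos or from the article; the event fields, host names and paths are constructed, and it assumes the installer runs as an MSI so that custom actions appear as children of `msiexec.exe`.

```python
# Added example: triage of process-creation events (constructed sample data).
from ntpath import basename  # parses Windows paths on any OS

INSTALLER_PARENTS = {"msiexec.exe"}         # assumption: MSI-based installer
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "cmd.exe"}
MINER_NAMES = ("phoenixminer", "lolminer")  # payloads named in the article

def classify(event):
    """Return the list of findings for one process-creation event."""
    parent = basename(event["parent_image"]).lower()
    child = basename(event["image"]).lower()
    cmdline = event.get("command_line", "").lower()
    findings = []
    # An installer process starting a script interpreter (custom action).
    if parent in INSTALLER_PARENTS and child in SCRIPT_HOSTS:
        findings.append("installer-spawned-script-host")
    # A miner binary name in the image path or on the command line.
    if any(m in child or m in cmdline for m in MINER_NAMES):
        findings.append("known-miner-name")
    return findings

def triage(events):
    """Group findings by host, keeping only hosts with at least one hit."""
    report = {}
    for ev in events:
        hits = classify(ev)
        if hits:
            report.setdefault(ev["host"], []).extend(hits)
    return report

# Constructed events shaped like Sysmon Event ID 1 fields (not real telemetry).
SAMPLE_EVENTS = [
    {"host": "WS-01", "parent_image": r"C:\Windows\System32\msiexec.exe",
     "image": r"C:\Windows\System32\cmd.exe",
     "command_line": r'cmd.exe /c "C:\Users\a\AppData\Local\Temp\setup.bat"'},
    {"host": "WS-01", "parent_image": r"C:\Windows\System32\cmd.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": "powershell.exe -File update.ps1"},
    {"host": "WS-01", "parent_image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "image": r"C:\ProgramData\app\PhoenixMiner.exe",
     "command_line": "PhoenixMiner.exe"},
    {"host": "WS-02", "parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\msiexec.exe",
     "command_line": "msiexec.exe /i viewer.msi"},
]

if __name__ == "__main__":
    print(triage(SAMPLE_EVENTS))
```

Legitimate installers also launch `cmd.exe` or PowerShell from custom actions, so the first finding is a lead for triage rather than a verdict; it becomes significant when the same host later shows a miner process.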

Using malware families to hijack devices to mine or steal cryptocurrencies isn’t a new practice. Former smartphone giant BlackBerry recently identified malware scripts actively targeting at least three sectors, including financial services, healthcare and government.
