Tag: Cryptojacking Attacks

Commando Cat Cryptojacking Attacks Target Misconfigured Docker Instances
News

Commando Cat Cryptojacking Attacks Target Misconfigured Docker Instances

An ongoing cryptojacking assault effort that uses shoddy security Docker instances to deploy cryptocurrency miners for profit has been connected to the threat actor Commando Cat. The payload is retrieved from the attackers' own command-and-control (C&C) infrastructure via the cmd.cat/chattr docker image container, according to an analysis released on Thursday by Trend Micro researchers Sunil Bharti and Shubham Singh. Initially reported by Cado Security earlier this year, Commando Cat gets its name from the fact that it creates a benign container using the open-source Commando project. The attacks are typified by the use of misconfigured Docker remote API servers to launch the cmd.cat/chattr Docker image read more Commando Cat Cryptojacking Attacks Target Misconfigured Docker ...
EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub
News

EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on GitHub

In an attempt to aid cryptojacking activities, a new continuing campaign known as EleKtra-Leak has focused on exposed identity and access management (IAM) credentials from Amazon Web Services (AWS) inside open GitHub projects. Researchers William Gamazo and Nathaniel Quist of Palo Alto Networks Unit 42 said in a technical report shared with The Hacker News that "as a result of this, the threat actor associated with the campaign was able to create multiple AWS Elastic Compute (EC2) instances that they used for wide-ranging and long-lasting cryptojacking operations." Operating since December 2020 at the latest, the operation's goal is to mine Monero from up to 474 distinct Amazon EC2 instances between read more EleKtra-Leak Cryptojacking Attacks Exploit AWS IAM Credentials Exposed on ...