The Latest in IT Security

Savvy cryptomining malware campaign targets Asian cloud service providers

07
Feb
2022
Savvy cryptomining malware campaign targets Asian cloud service providers

image credit: adobe stock

Asian cloud service providers have been targeted by a sophisticated malware campaign designed to steal computing power for mining cryptocurrency. The attack techniques deployed by the CoinStomp malware include timestomping (modification of a file’s timestamp), removal of system cryptographic policies, and use of a reverse shell to initiate command and control communications with the malicious software.

“Timestomping has been used by the Rocke group in prior cryptojacking attacks,” Matt Muir, a researcher for Cado Security, wrote at the company’s website. “However, it’s not a technique commonly seen in the wild. Generally, this technique is employed as an anti-forensics measure to confuse investigators and foil remediation efforts.”

Read More

Comments are closed.

Categories

SATURDAY, NOVEMBER 26, 2022
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments