Romanian Cryptojacking Gang Target Linux-based Machines to Install Cryptominer Malware

This article has been indexed from E Hacking News – Latest Hacker News and IT Security News

 

Romanian threat actors are employing a new brute-forcer, “Diicot brute,” to crack passwords on Linux-based machines and install cryptominer malware.

According to Bitdefender researchers, the cryptojacking gang employs a unique SSH brute-forcer dubbed Diicot to crack weak passwords on Linux machines and install code from XMRig, a legitimate open-source miner that has been adapted for cryptojacking by numerous hackers.

The researchers said they connected the cryptojacking gang to at least two DDoS botnets: a variant of the Linux-based DDoS DemonBot botnet called “Chernobyl” and a Perl IRC bot. The main motive of this campaign is to deploy Monero mining malware, but the gang's toolset can also be used to steal sensitive information from users and perform other nefarious actions.

Cryptojacking is a slow and tedious way to generate illicit income, which is why the actor is using a botnet to infect as many devices as possible. “Owning multiple systems for mining is not cheap, so attackers try the next best thing: To remotely compromise devices and use them for mining instead,” according to the report published by Bitdefender researchers.

Threat actors are targeting peop

[…]