Huawei Cloud targeted by updated cryptomining malware

LASER_oneXM

A new version of a Linux crypto-mining malware previously used to target Docker containers in 2020 now focuses on new cloud service providers like the Huawei Cloud.
The analysis of the new campaign comes from researchers at TrendMicro, who explain how the malware has evolved with new features while retaining its previous functionality.
More specifically, the newer samples have commented out the firewall rules creation function (but it's still there) and continue to drop a network scanner to map other hosts with API-relevant ports.
 