Malware News Sustes Malware: CPU for Monero

LASER_oneXM

Sustes Malware doesn’t infect victims by itself, but it is spread via brute-force activities with a special focus on IoT and Linux servers.

Today I’d like to share a simple analysis based on a fascinating threat that I like to call Sustes (you will see the name's genesis in a bit).

Everybody knows the Monero cryptocurrency, and probably everybody knows that it is built upon privacy, meaning it’s not that simple to figure out a Monero wallet balance. Sustes (Mr.sh) is a nice example of Pirate-Mining, and even if it’s hard to figure out its magnitude, since the attacker built up private pool proxies, I believe it’s interesting to fix the wallet address in memory and to share IoCs for future protection. So, let’s have a closer look at it.