Threat Hunting, the Investigation of Fileless Malware Attacks

spaceoctopus

Jul 13, 2014
Fileless Monero WannaMine, a new attack discovered by PandaLabs

Mining cryptocurrencies like Bitcoin, Ethereum or Monero is nothing new. In fact, in recent years we have seen numerous attacks whose main objective is the installation of mining software. For example, it is worth remembering that before WannaCry, we had already seen attackers use the NSA EternalBlue exploit to infiltrate companies and install this type of software on their victims’ devices.

It’s safe to say that it is a booming business, as sophistication of the attacks continues to increase. A few days ago we detected a new worm that uses both hacking tools and scripts to spread through corporate networks and mine the Monero cryptocurrency in any network it makes its way into.

With Adaptive Defense, we monitor all running processes in real time on every computer where it is installed. When our Threat Hunting team observed the following command attempting to execute through one of the processes on one computer, alarms were raised: ...
 
