New cryptocurrency-mining malware on Linux devices
A malware author has created a cryptocurrency-mining tool that infects Linux devices through open or default Telnet logins. The new Trojan, discovered by Dr.Web and named Linux.BTCMine.26, mines Monero and only targets machines with x86-64 and ARM hardware.
The mining tool infects Linux machines through unsafe Telnet ports
The researchers say the Trojan uses a Telnet scanner like the one used by the Mirai IoT malware. BTCMine scans random IPv4 addresses and tries to connect via Telnet.
If the port is open or the user has kept one of the default Telnet credentials, the malware connects and runs a command to download and run the actual BTCMine binary file.
The Trojan caught the eye of Dr.Web researchers because it has many references to krebsonsecurity.com, the personal blog of journalist and reputable security researcher Brian Krebs.
References to Brian Krebs's name or blog
This is not the first malware to mention Krebs or his blog, because both are very well known among security researchers and malware authors. In recent years, malware developers have been quite keen to mock Krebs by putting his name in their code.
Cryptocurrency-mining tools are increasing
BTCMine is only part of a new trend. Over the past months, researchers from all over the world have discovered many illicit cryptocurrency-mining tools. The trend follows the popularity of virtual currencies such as Ethereum, Monero or Zcash. Examples include:
- CoinMiner - targeting Windows, through NSA's EternalBlue vulnerability.
- DevilRobber - targeting Macs, making a comeback.
- Trojan.BtcMine.1259 - targeting Windows through NSA's DoublePulsar vulnerability.
- EternalMiner - targets Windows through the SambaCry vulnerability.
- Adylkuzz - targeting Windows through NSA's EternalBlue vulnerability.
- Bondnet - targeting Windows Servers via RDP.
- NsCpuCNMiner - targeting Seagate NAS devices.
- Many other tools that target the Zcash virtual currency.
To mine Bitcoin effectively, users need machines with specially optimized hardware, but with Ethereum, Monero or Zcash they can still make a profit using regular computers or, in BTCMine's case, Linux machines.
If you are using Telnet to connect to Linux devices, make sure your account has a strong password. If the account has a password, make sure it is not the device's default password or an easily guessed one.
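To check whether a Linux host offers the Telnet port that this kind of scanner probes, the added example below (not from the original article or from Dr.Web) parses the kernel's /proc/net/tcp table and reports listeners on port 23 that are reachable from the network. The sample table is constructed, the function names are illustrative, and only IPv4 on a little-endian host is covered.

```python
import ipaddress
import socket
import struct

TELNET_PORT = 23
TCP_LISTEN = "0A"  # state code for LISTEN in /proc/net/tcp

# Constructed sample in /proc/net/tcp layout (not captured from a real host).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 00000000:0017 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11111 1 0000000000000000 100 0 0 10 0
   1: 0100007F:0017 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 22222 1 0000000000000000 100 0 0 10 0
   2: 00000000:0016 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 33333 1 0000000000000000 100 0 0 10 0
   3: 0A00000A:0017 0B00000A:C350 01 00000000:00000000 00:00000000 00000000     0        0 44444 1 0000000000000000 20 4 30 10 -1
"""


def decode_ipv4(hex_addr):
    """Decode an address field; assumes a little-endian host (x86-64, typical ARM)."""
    return socket.inet_ntoa(struct.pack("<I", int(hex_addr, 16)))


def telnet_listeners(proc_net_tcp_text):
    """Return (address, exposed) for every LISTEN socket bound to port 23."""
    found = []
    for line in proc_net_tcp_text.splitlines()[1:]:  # skip the header row
        fields = line.split()
        if len(fields) < 4:
            continue
        hex_addr, hex_port = fields[1].split(":")
        # Established sessions (state 01) and other ports are not listeners.
        if fields[3] != TCP_LISTEN or int(hex_port, 16) != TELNET_PORT:
            continue
        addr = decode_ipv4(hex_addr)
        # 0.0.0.0 or a routable address accepts remote logins; 127.0.0.1 does not.
        exposed = not ipaddress.ip_address(addr).is_loopback
        found.append((addr, exposed))
    return found


if __name__ == "__main__":
    for addr, exposed in telnet_listeners(SAMPLE_PROC_NET_TCP):
        status = "EXPOSED to the network" if exposed else "loopback only"
        print(f"telnet listener on {addr}:{TELNET_PORT} -> {status}")
```

On a real host, pass the contents of /proc/net/tcp to `telnet_listeners`; any exposed entry means the account behind it needs a non-default password, or the Telnet service should be disabled.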