Hackers have started using Dogecoin to infiltrate users’ computers, as the coin’s moment still hasn’t ended thanks to Elon Musk and TikTok. They are using the meme cryptocurrency to maintain control over mining malware, so let’s find out more in the upcoming Dogecoin news.
Hackers have started using Dogecoin to maintain a crypto-mining botnet: the attackers are accessing APIs with DOGE wallets to hide their location, and the attacks are still ongoing. The meme coin Dogecoin is being used by hackers to control XMR-mining malware on Linux operating systems, according to a report published yesterday by Intezer Labs. While analyzing a new backdoor Trojan named Doki, Intezer Labs found that an old attacker was using it to direct mining malware on public web servers. There was a key difference, however. The company found that the hacker, known as Ngrok, had uncovered a new method of using the coin’s wallets to infiltrate web servers, which is the first use of this kind for DOGE:
“Doki uses a previously undocumented method to contact its operator by abusing the Dogecoin cryptocurrency blockchain in a unique way in order to dynamically generate its C2 domain address.”
The attackers targeted command and control (C2) servers, which are used to organize and take control of compromised systems within a target network, including smartphones, laptops, PCs, and other internet-connected devices. Using Dogecoin transactions, the attackers were able to change the C2 addresses on exposed computers, which they use to run their Monero mining bots. This let them change their location, which in turn allowed them to run the attack without being caught.
Intezer said that these steps mean security companies would have to access the hacker’s Dogecoin wallet in order to take down Doki, which is impossible without knowing the wallet’s private keys. It seems to have worked well so far: Intezer said that Doki has been active since January but remained undetected by all scanning software on Linux servers. The attack is still active today, and Intezer Labs noted that over the past few months Docker servers have been targeted by malware operators and crypto-mining attackers. One way to prevent an Ngrok botnet attack is to not be connected to the internet.
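A defensive illustration of the behaviour described above, added here and not taken from Intezer's report or from the malware itself: because the C2 domain is derived from data fetched over a blockchain API, a server that queries such an API and then immediately resolves a domain it has never resolved before deserves a closer look. The explorer hostname, the DNS log format and the 60-second window are assumptions, and every log line is constructed.

```python
from datetime import datetime, timedelta

# Assumption: hostnames of blockchain-explorer APIs that servers have no
# business calling. "explorer.example" is a placeholder, not a real indicator.
EXPLORER_HOSTS = {"explorer.example"}
WINDOW = timedelta(seconds=60)  # assumed gap between API lookup and C2 resolution

# Constructed DNS query log: "<ISO timestamp> <source host> <queried name>"
SAMPLE_LOG = """\
2020-08-01T10:00:00 web01 updates.example.org
2020-08-01T10:00:05 web02 explorer.example
2020-08-01T10:00:09 web02 a1b2c3d4e5f6.dyn.example
2020-08-01T10:05:00 web02 updates.example.org
2020-08-01T10:06:00 web01 a1b2c3d4e5f6.dyn.example
2020-08-01T11:00:00 web03 explorer.example
2020-08-01T11:30:00 web03 new-host.dyn.example
"""

def parse(log):
    """Yield (timestamp, source, normalised name) for each non-empty line."""
    for line in log.splitlines():
        if line.strip():
            ts, src, name = line.split()
            yield datetime.fromisoformat(ts), src, name.lower().rstrip(".")

def find_suspects(log, baseline=frozenset()):
    """Return (source, explorer_lookup_time, domain) for every first-seen
    domain a host resolves within WINDOW of querying an explorer API.
    `baseline` holds names already known to be normal for the fleet."""
    seen = {}           # source -> names this source has resolved so far
    last_explorer = {}  # source -> time of its latest explorer lookup
    alerts = []
    for ts, src, name in sorted(parse(log)):
        known = seen.setdefault(src, set(baseline))
        if name in EXPLORER_HOSTS:
            last_explorer[src] = ts
        elif name not in known:
            t0 = last_explorer.get(src)
            if t0 is not None and ts - t0 <= WINDOW:
                alerts.append((src, t0.isoformat(), name))
        known.add(name)
    return alerts

if __name__ == "__main__":
    for alert in find_suspects(SAMPLE_LOG):
        print(alert)
```

The heuristic keys on the sequence of lookups rather than on any fixed domain, so it keeps working when the operator rotates the C2 address.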