Another Monero cryptojacking malware, discovered by Guardicore Labs, is now deployed to ten million IP addresses, targeting government offices but also medical centers, banks, and educational institutions. The malware botnet, known as FritzFrog, works by installing an XMR mining app known as XMRig, so let’s learn more about it in the Monero news today.
According to the study by Guardicore Labs that we are reading more about in our Monero news, another Monero cryptojacking malware has hit millions of IP addresses by using a brute-force attack to gain access to servers. In a brute-force attack, an attacker submits many passwords or passphrases hoping to eventually guess correctly. After it gets in, it runs a process named “libexec” to execute XMRig:
“It has successfully breached over 500 SSH servers, including those of known high-education institutions in the U.S. and Europe, and a railway company.”
The cybersecurity firm said that FritzFrog seems to be one-of-a-kind malware that was quite complicated to track, as the connection was hidden within the peer-to-peer network. Ophir Harpaz, a researcher at Guardicore Labs, commented:
“Unlike other P2P botnets, FritzFrog combines a set of properties that makes it unique: it is fileless, as it assembles and executes payloads in-memory. It is more aggressive in its brute-force attempts, yet stays efficient by distributing targets evenly within the network.”
Harpaz recommended choosing stronger passwords and using public-key authentication, which is much safer, to avoid getting attacked by cryptojacking malware such as FritzFrog. The cybersecurity researchers at Cado Security detected what they believe to be a first-ever crypto mining campaign to steal Amazon Web Services credentials, named TeamTNT, which deploys the same XMR mining app.
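A defender-side check for the SSH brute-forcing and the public-key recommendation described above, as an added example that is not from the article or from Guardicore Labs: it scans sshd log lines for repeated failed password attempts from one source and for password logins that follow them. The log lines are constructed, and the function name `analyze` and the threshold of 5 are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample lines in OpenSSH's sshd log format (documentation IP ranges).
SAMPLE_LOG = """\
Aug 20 03:11:01 web1 sshd[811]: Failed password for root from 203.0.113.5 port 40112 ssh2
Aug 20 03:11:02 web1 sshd[812]: Failed password for invalid user admin from 203.0.113.5 port 40114 ssh2
Aug 20 03:11:03 web1 sshd[813]: Failed password for root from 203.0.113.5 port 40116 ssh2
Aug 20 03:11:04 web1 sshd[814]: Failed password for invalid user ubuntu from 203.0.113.5 port 40118 ssh2
Aug 20 03:11:05 web1 sshd[815]: Failed password for root from 203.0.113.5 port 40120 ssh2
Aug 20 03:11:06 web1 sshd[816]: Accepted password for root from 203.0.113.5 port 40122 ssh2
Aug 20 03:15:40 web1 sshd[820]: Accepted publickey for deploy from 198.51.100.7 port 52210 ssh2: ED25519 SHA256:constructed
Aug 20 03:20:10 web1 sshd[830]: Failed password for alice from 198.51.100.9 port 41000 ssh2
Aug 20 03:20:18 web1 sshd[831]: Accepted password for alice from 198.51.100.9 port 41002 ssh2
"""

LINE_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Failed|Accepted) (?P<method>password|publickey) "
    r"for (?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def analyze(log_text, threshold=5):
    """Return (kind, source_ip, user) findings in the order they occur."""
    failures = defaultdict(int)  # source IP -> failed password attempts so far
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m or m["method"] != "password":
            continue  # public-key logins are the recommended path, not a finding
        ip, user = m["ip"], m["user"]
        if m["result"] == "Failed":
            failures[ip] += 1
            if failures[ip] == threshold:  # report each source once
                findings.append(("brute_force", ip, None))
        elif failures[ip] >= threshold:
            # Password accepted after a run of failures: likely a guessed credential.
            findings.append(("guessed_password", ip, user))
        else:
            # Password logins still work, so the server remains guessable.
            findings.append(("password_login", ip, user))
    return findings

if __name__ == "__main__":
    for finding in analyze(SAMPLE_LOG):
        print(finding)
```

A `password_login` finding means password authentication is still enabled for that account, which is the condition the public-key recommendation removes.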
We also previously reported in our Monero news that there was another attack involving XMR, when Telecom Argentina announced that it was under attack by hackers who demanded $7.5 million in XMR. Anonymous sources claim that the cyberattack had been going on for a few days when the staff attributed poor IT performance to many glitches within the system. The investigations made by the company resulted in many other departments saying they were not able to open files, access emails, and disconnect the terminals from their system. The fact that the hackers demanded Monero only highlights the fact that there’s too little privacy in today’s world.