Linux and IoT devices targeted in cryptomining campaign

Share post:

Microsoft has issued a warning about a new cryptomining assault targeting Linux computers and IoT devices, which is allegedly being deployed by asterzeu, who is already selling the toolkit on the malware-as-a-service market.

The attackers employ a backdoor to gain control of the devices and steal resources for cryptocurrency mining. They also install a customized version of OpenSSH, which allows them to hijack SSH credentials, roam about the network, and conceal their harmful activity.

To start the attack, they exploit weakly protected Linux hosts and then replace OpenSSH with a compromised version. This backdoor enables the attackers to deliver more harmful software and carry out further unauthorized actions like exfiltrating information about the device, installing open-source rootkits called Diamorphine and Reptile from GitHub, and taking steps to obscure its activity by clearing logs that could alert its presence.

The implant takes control of the infected system’s resources and stops any competing crypto mining processes. It also runs a modified version of ZiggyStarTux, a DDoS client that can execute commands from a command-and-control server. This modified version is based on a botnet malware called Kaiten.

The sources for this piece include an article in TheHackerNews.

SUBSCRIBE NOW

Related articles

Researchers Jailbreak DeepSeek AI, Expose System Prompt and Raise Security Concerns

Security researchers at Wallarm have successfully jailbroken DeepSeek, a recently released open-source AI model from China. The jailbreak...

New SMS Phishing Scam Targets U.S. Toll Road Users with Fake Payment Alerts

Brian Krebs of the Krebs on Security blog did a big piece leading with how residents across the...

A Hacker’s View Of The City: Cyber Security Today Special Edition

Discover how hackers exploit smart cities' vulnerabilities and what this means for our critical infrastructure. In this gripping...

Ransomware Surge Targets U.S. Energy and Utilities Sector Amid Legacy System Challenges: Report

A recent Trustwave SpiderLabs report underscores the growing cybersecurity challenges in the U.S. energy and utilities sector, driven...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways