About a year ago, we described the Hidden Bee miner delivered by the Underminer Exploit Kit. Hidden Bee has a complex and multi-layered internal structure that is unusual among cybercrime toolkits, making it an interesting phenomenon on the threat landscape. That’s why we’re dedicating a series of posts to exploring particular elements and updates made during one year of its … [Read more...]
Fake browser update seeks to compromise more MikroTik routers
This blog post was authored by @hasherezade and Jérôme Segura. MikroTik, a Latvian company that makes routers and ISP wireless systems, has been dealing with several vulnerabilities affecting its products’ operating system over the past few months. Ever since a critical flaw in RouterOS was identified in late April 2018, attacks have been going on at an alarming rate, made worse when … [Read more...]
Deepfakes FakeApp tool (briefly) includes cryptominer
A few weeks ago, we took a look at a forum dedicated to Deepfake clips where the site was pushing Coinhive mining scripts in the website’s HTML code. As it turns out, there’s been another mining blow-out in the form of one of the apps used to make the fakes. That’s right—a tool designed to push CPU/GPU hard in order to create movie files also wanted you to push the GPU that much … [Read more...]