MrbMiner crypto-jacking campaign linked to Iranian software company

Sophos researchers have investigated the brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. After gaining the access to the system, hackers downloaded an initial assm.exe file to achieve persistence and to add a backdoor account for future access. Then the malicious code connects to the C2 to download Monero cryptocurrency miner that runs on a local server. Read more...

News

Posted on January 24, 2021 by Mash

Two Cisco Zero-days Actively Exploited To Breach Goverment Networks
Remove CAPTCHAFORM.AZUREWEBSITES.NET virus (Removal Guide)
Remove AURCHROVE.CO.IN virus (Removal Guide)
Remove INVV7N.CARMICCITACT.COM virus (Removal Guide)
Remove CONFICULGANNING.COM virus (Removal Guide)
Remove 1GOCASINOVIP14.COM virus (Removal Guide)
Remove CR04.BIZ virus (Removal Guide)
Remove LEYLA-GUNCUK.AZUREWEBSITES.NET virus (Removal Guide)
Remove WEBSNEWSDATE.COM virus (Removal Guide)
Remove 1XLITE-660473.TOP virus (Removal Guide)

MrbMiner crypto-jacking campaign linked to Iranian software company

Read More

Got Something To Say?