MrbMiner crypto-jacking campaign linked to Iranian software company

Sophos researchers have investigated the brute-force attacks on MSSQL servers with the intent to compromise them and install crypto-mining malware dubbed MrbMiner. After gaining the access to the system, hackers downloaded an initial assm.exe file to achieve persistence and to add a backdoor account for future access. Then the malicious code connects to the C2 to download Monero cryptocurrency miner that runs on a local server. Read more...

Read More

Comments

Loading... Logging you in...
  • Logged in as
There are no comments posted yet. Be the first one!

Post a new comment

Comments by