
Cryptomining botnet uses a Taylor Swift image to hide malware payloads

A cryptocurrency-mining botnet has recently been running a new attack campaign. What makes this campaign interesting is how it delivers malware to victims: the attackers hide malware payloads in a picture of pop singer Taylor Swift and use it to deliver them to infected computers.

The name of the botnet is MyKingz. It is also known as Smominru, DarkCloud or Hexmen.

The story of the MyKingz botnet

The MyKingz botnet first appeared at the end of 2017. It has been ranked as the top botnet for cryptomining operations.

From the start, the team behind MyKingz has infected Windows systems and deployed various cryptomining applications on them.

The botnet has one of the most versatile scanning and infection mechanisms on the Internet. MyKingz can target everything from MySQL to MS-SQL, from Telnet to SSH, and from RDP to IPC and WMI.

For these reasons, MyKingz was able to grow very quickly and become one of the most effective botnets. In the very first months of its existence it managed to infect more than 525,000 Windows systems and steal Monero worth $2.3 million.

The botnet's attacks dropped off at some point, so some thought it had disappeared. However, reports published over the summer by Guardicore and Carbon Black showed that MyKingz is still "alive" and infecting a large number of computers (4,700 computers per day).

Taylor Swift

According to a report by Sophos, the latest campaign using the MyKingz botnet was detected this month and targets the United Kingdom.

MyKingz finds vulnerable computers with its scanning tools and gains access to them, but it then needs a way to deploy malware payloads on the infected systems.

Sophos researchers note that the hackers behind MyKingz are using steganography, a technique that allows them to hide malicious files inside legitimate files.

In this case, the hackers hide a malicious EXE inside a JPEG image of Taylor Swift.

In this way, the hackers try to trick the security software that companies use to protect their networks. The security programs will only see that a single JPEG image of Taylor Swift is being downloaded, and will not recognize that it contains a very dangerous EXE file.
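The following check is an added example, not taken from the article or from the Sophos report. It shows what a download filter can do instead of trusting the JPEG header: walk the JPEG marker chain to find where the image really ends, and scan the whole file for a DOS header that points to a PE signature. It assumes the executable is stored unencoded somewhere in the file (the article does not say how the payload is embedded), and the sample bytes are constructed.

```python
import struct

RST_OR_STUFFING = {0x00, 0xFF, *range(0xD0, 0xD8)}  # not real markers inside scan data

def jpeg_end(data):
    """Offset just past the JPEG EOI marker, or None if the marker chain is invalid."""
    if data[:2] != b"\xff\xd8":                      # SOI
        return None
    i = 2
    while i + 2 <= len(data):
        if data[i] != 0xFF:
            return None
        marker = data[i + 1]
        if marker == 0xD9:                           # EOI
            return i + 2
        if i + 4 > len(data):
            return None
        i += 2 + struct.unpack_from(">H", data, i + 2)[0]
        if marker == 0xDA:                           # SOS: skip entropy-coded data
            while i + 2 <= len(data) and not (
                    data[i] == 0xFF and data[i + 1] not in RST_OR_STUFFING):
                i += 1
    return None

def find_pe(data):
    """Offsets where 'MZ' is followed by an e_lfanew field pointing at 'PE\\0\\0'."""
    hits, pos = [], data.find(b"MZ")
    while pos != -1:
        if pos + 0x40 <= len(data):
            e_lfanew = struct.unpack_from("<I", data, pos + 0x3C)[0]
            if data[pos + e_lfanew:pos + e_lfanew + 4] == b"PE\0\0":
                hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits

def inspect(data):
    end = jpeg_end(data)
    return {"jpeg": end is not None,
            "trailing_bytes": None if end is None else len(data) - end,
            "pe_offsets": find_pe(data)}

# Constructed sample: structurally valid JPEG markers (not a decodable picture)
CLEAN = (b"\xff\xd8" + b"\xff\xe0" + struct.pack(">H", 16) + b"JFIF\0" + bytes(9)
         + b"\xff\xda" + struct.pack(">H", 8) + bytes(6) + b"\x12\x34\xff\x00\x56\xff\xd9")
# Constructed stand-in for an executable: DOS header + PE signature only
PE_STUB = b"MZ" + bytes(58) + struct.pack("<I", 0x40) + b"PE\0\0"
CARRIER = CLEAN + PE_STUB

if __name__ == "__main__":
    print("clean  :", inspect(CLEAN))
    print("carrier:", inspect(CARRIER))
```

A non-empty `pe_offsets` list is the strong signal; `trailing_bytes` greater than zero on its own only means the file carries data after the image and deserves a closer look.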

This is not the first time we have seen a hacking team use a star's name or image to distribute malware. Last year, some hackers used an image of actress Scarlett Johansson to deploy malicious software on hacked PostgreSQL databases.

In recent months, hackers have not limited themselves to images in their attacks; they have also used other file types, such as WAV audio files.

MyKingz has been one of the biggest threats to Windows computers in the last two years. Updated systems are at risk.

Sophos researchers believe the team behind the MyKingz botnet earns about $300 per day. Overall, since the day it appeared, it has earned its operators over $3 million.

Absent Mia