1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • Microsoft uncovers savage new cyberattacks hitting Linux and IoT

    From TechnologyDaily@1337:1/100 to All on Fri Jun 23 14:30:04 2023
    Microsoft uncovers savage new cyberattacks hitting Linux and IoT devices

    Date:
    Fri, 23 Jun 2023 13:18:46 +0000

    Description:
    Hackers are brute forcing their way into Linux and IoT devices to deploy cryptomining malware, Microsoft finds.

    FULL STORY ======================================================================

    Microsoft has uncovered instances of brute force hijacking affecting Linux -based IoT devices, and their resources are being used for cryptomining.

    The type of attack, known as cryptojacking, has become more prevalent in recent years as attentions have turned to cryptocurrencies and the worlds economies have suffered. Attackers can rake in huge profits simply by targeting vulnerable systems.

    The recent attack observed by Redmonds analysts involves a combination of custom and open source tools to target Internet-facing, Linux-based systems, as well as other IoT devices. Cryptojackers are targeting Linux and IoT devices

    Microsoft explains: the threat actors behind the attack use a backdoor that deploys a wide array of tools and components such as rootkits and an IRC bot to steal device resources for mining operations. Read more

    These are the best ransomware protection tools around


    Over a thousand Redis servers hijacked to mine crypto


    Microsoft Exchange ProxyShell is being exploited to mine crypto once again

    Access is gained in the first instance by brute forcing various credentials, at which point shell history is disabled, and a compromised OpenSSH archive releases malware .

    The attack also uses a backdoor to eliminate competition from other cryptomining tools, including those sneakily deployed by rival cryptojackers, by monopolizing device resources and blocking a number of hosts and IPs related to mining.

    Researchers have linked the attack to cardingforum user asterzeu , who is believed to be behind a malware-as-a-service operation.

    It is thought that the Hiveon OS is the attackers primary target, which is a Linux distro specifically designed for cryptomining.

    Even so, other operating systems are at risk and Microsoft is urging
    potential victims to ensure that they have set up secure configurations for devices, to use least-privileges access, and to keep firmware and OpenSSH versions up-to-date when possible.

    Its also keen to push the likes of Microsoft Defender for IoT and Microsoft 365 Defender, but any combination of endpoint protection software can be considered. Get a healthy cybersecurity boost with the best firewalls



    ======================================================================
    Link to news story: https://www.techradar.com/pro/microsoft-uncovers-savage-new-cyberattacks-hitti ng-linux-and-iot-devices


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)