HackDig : Dig high-quality web security articles for hackers

Fileless cryptocurrency miner CoinMiner uses NSA EternalBlue exploit to spread

A new fileless miner dubbed CoinMiner has appeared in the wild; it uses the NSA EternalBlue exploit and the WMI tool to spread. A new strain of cryptocurrency miner dubbed CoinMiner has appeared in the wild and, according to the experts, it is hard to detect and infects Windows PCs via the EternalBlue NSA exploit. CoinMiner is a fileless malware that leverages the WMI (Windows Ma
Publish At:2017-08-22 13:35 | Read:4473 | Comments:0 | Tags:Breaking News Cyber Crime Malware CoinMiner Cybercrime ETERN

Cryptocurrency Miner Uses WMI and EternalBlue To Spread Filelessly

By Buddy Tancio

Fileless malware can be a difficult threat to analyze and detect. It shouldn’t be a surprise that an increasing number of new malware threats are fileless, as threat actors use this technique to make both detection and forensic investigation more difficult. We recently found a new cryptocurrency miner (which we detect as TROJ64_COINMINER.QO)
Publish At:2017-08-21 22:35 | Read:5889 | Comments:0 | Tags:Exploits Malware cryptocurrency EternalBlue WMI

Javascript Leads to Browser Hijacking

I came across this nasty-looking script that hijacks your browser. It appears to have been around in some shape or form since 2014 but this latest version deploys an aggressive tactic I’ve not seen before. Here’s what this script looks like: The script is composed of variables and functions but finding the beginning and ending of one is made d
Publish At:2016-10-08 18:35 | Read:4862 | Comments:0 | Tags:Malscript browser hijacking hhtxnet.com javascript wmi

SprayWMI – PowerShell Injection Mass Spray Tool

SprayWMI is a method for mass spraying Unicorn PowerShell injection to CIDR notations. It’s an alternative to traditional, ‘noisy’ tools which leave something on the disk, like PsExec, smbexec, winexe and so on. These tools have worked really well; however, they are fairly noisy, creating a service and touching disk, which will trigger modern d
Publish At:2015-12-08 04:45 | Read:5369 | Comments:0 | Tags:Exploits/Vulnerabilities Hacking Tools Windows Hacking power

