Threat Level: green
Handler on Duty: Yee Ching Tok

SANS ISC: Diaries by Keyword - SANS Internet Storm Center

Date  Author  Title

CRYPTOCURRENCY MINER

2019-01-10  Brad Duncan  Heartbreaking Emails: "Love You" Malspam

CRYPTOCURRENCY

2022-04-21  Xavier Mertens  Multi-Cryptocurrency Clipboard Swapper
2021-08-30  Xavier Mertens  Cryptocurrency Clipboard Swapper Delivered With Love
2019-01-10  Brad Duncan  Heartbreaking Emails: "Love You" Malspam
2018-10-05  Jim Clausing  A strange spam
2018-01-30  Kevin Liston  Using FLIR in Incident Response?
2018-01-11  Xavier Mertens  Mining or Nothing!

MINER

2022-04-05  Johannes Ullrich  WebLogic Crypto Miner Malware Disabling Alibaba Cloud Monitoring Tools
2021-12-21  Xavier Mertens  More Undetected PowerShell Dropper
2021-03-19  Xavier Mertens  Pastebin.com Used As a Simple C2 Channel
2020-11-07  Guy Bruneau  Cryptojacking Targeting WebLogic TCP/7001
2020-02-02  Didier Stevens  Video: Stego & Cryptominers
2019-12-26  Xavier Mertens  Bypassing UAC to Install a Cryptominer
2019-04-02  Johannes Ullrich  Fake AV is Back: LaCie Network Drives Used to Spread Malware
2019-01-10  Brad Duncan  Heartbreaking Emails: "Love You" Malspam
2019-01-02  Xavier Mertens  Malicious Script Leaking Data via FTP
2018-11-30  Remco Verhoef  CoinMiners searching for hosts
2018-09-07  Xavier Mertens  Crypto Mining in a Windows Headless Browser
2018-08-30  Xavier Mertens  Crypto Mining Is More Popular Than Ever!
2018-07-13  Xavier Mertens  Cryptominer Delivered Though Compromized JavaScript File
2018-03-05  Xavier Mertens  Malicious Bash Script with Multiple Features
2018-03-04  Xavier Mertens  The Crypto Miners Fight For CPU Cycles
2017-11-13  Guy Bruneau  VBE Embeded Script (info.zip)
2017-09-30  Lorna Hutcheson  Who's Borrowing your Resources?
2017-01-12  Mark Baggett  Some tools updates
2016-11-13  Guy Bruneau  Bitcoin Miner File Upload via FTP
2014-07-07  Johannes Ullrich  Multi Platform *Coin Miner Attacking Routers on Port 32764
2014-04-01  Johannes Ullrich  cmd.so Synology Scanner Also Found on Routers
2013-12-16  Tom Webb  The case of Minerd
2009-11-25  Jim Clausing  Tool updates