Attackers Use Cryptomining Malware to Target Organizations


Earlier this year in June, a security researcher from security firm Sonatype uncovered six malicious payloads in PyPI, the official Python package repository, that were laced with cryptomining malware. The attackers used typo-squatted names for the malicious payloads, which were downloaded more than 5000 times. All the packages were posted on PyPI by the author “nedog123,” some as early as April of this year. Attackers used typosquats to trick people into thinking they were normal programs and to hide their main purpose of hijacking developer systems for cryptomining.

The PyPI event is complex because it combines three different kinds of attacks: logic bombs, cryptojacking, and software supply chain attacks. The risk posed by these kinds of attacks requires immediate action from organizations if they want to shield their database.

Logic Bomb Attacks

A logic bomb, also known as a code bomb, cyber bomb, or slag code, is a malicious piece of code that gets executed under specific conditions, usually with a malicious purpose. One challenge with logic bomb attacks is that they are sneaky in nature and can go undetected for long periods of time. Logic bomb attacks vary in form and function from one another, which helps malicious actors install logic bombs that victims can’t easily detect. Logic bomb attacks are used for various purposes, such as stealing data, deleting or corrupting data, locking systems, or launching cryptomining processes.

Cryptojacking

Cryptojacking is the illicit hijacking of computers, smartphones, or even servers to mine cryptocurrency. Attackers can steal huge bandwidth and compute energy, and, in the end, financial resources as it works to solve the equations needed for mining curr ..

