When it comes to cybercrime one does not necessarily have to be good to be successful as is being demonstrated by the cryptomining campaign Vivin.
Cisco Talos first came across samples of Vivin’s activity in November 2019, but upon further research found this mining activity had been ongoing since at least 2017. The fact it remained under the industry’s radar for so long enabling its operators to mine thousands of dollars’ worth of Monero is curious because Vivin exhibits poor operational security.
“Vivin makes a minimal effort to hide their actions, making poor operational security decisions such as posting the same Monero wallet address found in our observable samples on online forms and social media,” Talos wrote, adding that organizations need to be aware of bottom feeders along with more sophisticated operations as there is still money to be made mining cryptocurrency.
The threat actor also makes the same mistake of many people when it comes to protecting their security and reuses the same or similar usernames for a number of online accounts, including services used in the execution chains of the cryptomining malware.
The ..
Support the originator by clicking the read the rest link below.
