We know, we know: Your blockchain is unassailable. But you still need to update your antivirus software. Otherwise, this Monero miner could eat into your network.
A new report released today by cybersecurity firm Sophos, which boasts over 500,000 businesses as customers, says a new variant of the Tor2Mine crypto-miner is infecting company networks to mine Monero (XMR), a popular privacy coin known for being hard to trace.
“All of the miners we’ve seen recently are Monero miners,” Sophos threat researcher Sean Gallagher, who authored the report, told Decrypt in a phone interview.
According to Gallagher, the malware looks for holes in a network’s security, generally in the form of systems that have not had their security features—including antivirus and anti-malware software—updated or patched. Once installed on a server or computer, the malware will look for other systems to install its crypto-miner for maximum profit.
NEW ⚒️ Two flavors of Tor2Mine miner dig deep into networks with PowerShell, VBScript. Using remote scripts and code, one variant can even execute filelessly until it gains administrative credentials... 1/15 pic.twitter.com/OfXWYHwcTC — SophosLabs (@SophosLabs) December 2, 2021
Hacks remain a real concern for DAOs and DeFi projects, which are vulnerable to more than just smart contract exploits. Yesterday, Decrypt reported BadgerDAO was hacked for $120 million in a front-end exploit, according to the cybersecurity firm PeckShield.
“Once it has established a foothold on a network, it is difficult to root out without the assistance of endpoint protection software and other anti-malware measures,” Gallagher said in a press release. “Because it spreads laterally away from the initial point of compromise, it can’t ...