Good news ! Hackbusters community is waiting for you !  https://discuss.hackbusters.com
KnowBe4 has been running the HackBusters site for a few years now, providing you with trending IT security news. We are expanding it and have launched a new exciting online community! The forum is divided into four main topics or categories: Social Engineering, Ransomware, Phishing and Security Awareness Training. You are invited to be one of the first to join us at: https://discuss.hackbusters.com.

New 'PyRoMineIoT' Malware Spreads via NSA-Linked Exploit

A recently discovered piece of crypto-currency miner malware isn’t only abusing a National Security Agency-linked remote code execution exploit to spread, but also abuses infected machines to scan for vulnerable Internet of Things (IoT) devices.

Dubbed PyRoMineIoT, the malware is similar to the PyRoMine crypto-currency miner that was detailed in late April. Both mine for Monero, both are Python-based, and both use the EternalRomance exploit for propagation purposes (the vulnerability was patched in April last year).

The older threat, Fortinet’s Jasper Manuel reveals, has received an update to add some obfuscation, likely in an attempt to evade detection from anti-virus programs.

The latest PyRoMine variant is hosted on the same IP address 212[.]83.190[.]122, was compiled with PyInstaller into a stand-alone executable, and continues to use the EternalRomance implementation found on the Exploit Database website, the same as the initially analyzed variant.

After a successful...(continued)

View All Trending Stories