
Cryptocurrency-mining botnet uses a Taylor Swift image to hide malware payloads

December 19, 2019

The operators of a cryptocurrency-mining botnet are currently using an image of pop singer Taylor Swift to hide malware payloads they send to infected computers — as part of their normal infection chain.

The name of the botnet is MyKingz, also known as Smominru, DarkCloud, or Hexmen, depending on the cyber-security firm whose report you’re reading.

A short history of the MyKingz botnet

MyKingz was first spotted in late 2017. Since then, the botnet has been the largest crypto-mining malware operation on the market.

The group behind MyKingz primarily focuses on infecting Windows systems, where they deploy various cryptocurrency-mining apps that generate profits using an infected device’s resources.

The botnet features one of the most diversified internet scanning and infection mechanisms seen in malware botnets. If there’s a port or vulnerability to be scanned or exploited, MyKingz is involved to some degree. Everything is targeted, from MySQL to MS-SQL, from Telnet to SSH, and from RDP to rarer stuff like IPC and WMI.

This has allowed the botnet to grow very quickly. In its first months of life, MyKingz reportedly infected more than 525,000 Windows systems, earning its creator(s) more than $2.3 million worth of Monero (XMR).

As the MyKingz gang is also a big fan of the EternalBlue exploit, the botnet burrows deep inside corporate networks, and its real size is most likely much larger than the estimated half a million bots.

While some thought the botnet had died out since the last reports in early 2018, Guardicore and Carbon Black reports published over the summer revealed that the botnet was still very much alive, still infecting a large number of computers, estimated at around 4,700 new systems per day.

The Taylor Swift image

The latest development in this botnet’s modus operandi was spotted this month by UK-based security firm Sophos. The change isn’t a big deal in the grand scheme of things, but it’s both interesting and funny.

As MyKingz’s internet scanning module identifies vulnerable hosts and gains a foothold on infected computers, the operators need a way to deploy various malware payloads on the hacked systems.

According to Sophos, the MyKingz crew is now experimenting with steganography, a technique that allows them to hide malicious files inside legitimate ones.

In this case, the MyKingz crew is hiding a malicious EXE inside a JPEG image of pop singer Taylor Swift.


Image: Sophos Labs

The purpose of using this technique is to trick security software running on enterprise networks. These security products will only see a host system downloading a banal JPEG file, rather than a much more dangerous EXE file.
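A content-based check closes the gap described above, where a download is judged only by its file type. The following is an added example, not code from the article or from the Sophos report: it flags files that begin as a JPEG but contain a structurally valid Windows executable header. It assumes the executable is stored unencoded in the image, which the article does not specify; the function names, the `e_lfanew` bounds and the sample bytes are constructed for illustration.

```python
import struct

JPEG_SOI = b"\xff\xd8\xff"   # JPEG start-of-image marker plus first segment byte
PE_SIG = b"PE\x00\x00"       # signature that the DOS header's e_lfanew points to

def find_embedded_pe(data: bytes) -> list[int]:
    """Return offsets of plausible PE images inside a file that starts as a JPEG."""
    if not data.startswith(JPEG_SOI):
        return []
    hits = []
    pos = data.find(b"MZ")
    while pos != -1:
        # "MZ" alone is common in compressed image data, so also require that
        # e_lfanew (DOS header offset 0x3C) leads to a "PE\0\0" signature.
        if pos + 0x40 <= len(data):
            (e_lfanew,) = struct.unpack_from("<I", data, pos + 0x3C)
            sig_at = pos + e_lfanew
            # Heuristic bounds (assumption): past the DOS header, within 4 KiB.
            if 0x40 <= e_lfanew <= 0x1000 and data[sig_at:sig_at + 4] == PE_SIG:
                hits.append(pos)
        pos = data.find(b"MZ", pos + 1)
    return hits

def constructed_pe_stub() -> bytes:
    """Constructed, non-functional PE header skeleton used only as test input."""
    dos = bytearray(0x80)
    dos[0:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 0x80)          # e_lfanew -> offset 0x80
    return bytes(dos) + PE_SIG + b"\x4c\x01" + bytes(18)

def constructed_jpeg() -> bytes:
    """Constructed minimal JPEG-like bytes containing a stray 'MZ' as a decoy."""
    app0 = b"\xff\xe0\x00\x10JFIF\x00\x01\x01\x00\x00\x01\x00\x01\x00\x00"
    return b"\xff\xd8" + app0 + b"scan-data MZ more-scan-data" + b"\xff\xd9"

if __name__ == "__main__":
    clean = constructed_jpeg()
    for name, blob in (("clean", clean), ("carrier", clean + constructed_pe_stub())):
        print(name, [hex(o) for o in find_embedded_pe(blob)])
```

A hit is a triage signal rather than a verdict, and a payload that is encoded or encrypted inside the image will not match this check.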

MyKingz is not, by any means, the first malware gang to use steganography or an image of a celebrity. Last year, another malware gang used an image of actress Scarlett Johansson to deploy malware on hacked PostgreSQL databases.

In recent months, malware gangs have also evolved away from images altogether, with some malware operations experimenting with other file formats for steganography-based attacks, such as WAV audio files.

But while this might be a funny observation in recent MyKingz attacks, the use of a Taylor Swift image to hide malware is not the real issue here.

The real issue is that MyKingz has proven to be one of the biggest threats to Windows computers and enterprise networks for the past two years. Any system left unpatched or with unprotected ports is very likely to be compromised by this botnet.

Sophos estimates that MyKingz operators are currently making around $300/day, on average, bringing their historical total to around 9,000 XMR, worth more than $3 million today. Sophos’ latest report on MyKingz is available as a PDF file, here.

Credit: Zdnet
