Calendar app in Mac App Store is openly mining cryptocurrency in background

<div dir="ltr" style="text-align: left;" trbidi="on"> <br /> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnp2gfb-T4DnvsHXezl5oNNba6XRwuEuLIfSdCLiBD_8951TnC2rwl-U5icAfUFJTACq-v6ieYzJ7S48td97pqrXtcWOGBZKiELIxK6COmmBPKi-jlDcb5YNr38xxmHg7UHKq0Bzwntt4-/s1600/calendar-2-mining-monero.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Popular Calendar 2 app openly mines Monero by default" border="0" data-original-height="582" data-original-width="571" height="640" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjnp2gfb-T4DnvsHXezl5oNNba6XRwuEuLIfSdCLiBD_8951TnC2rwl-U5icAfUFJTACq-v6ieYzJ7S48td97pqrXtcWOGBZKiELIxK6COmmBPKi-jlDcb5YNr38xxmHg7UHKq0Bzwntt4-/s640/calendar-2-mining-monero.jpg" title="Popular Calendar 2 app openly mines Monero by default" width="625" /></a></div> A schedule application in the Mac App Store <b>Calendar 2</b> has been mining <a href="http://www.hackerschronicle.com/search/label/Cryptocurrency">cryptocurrency </a>out of sight in return for giving clients extra highlights — and an alternative to quit mining has been broken. Up until this point, Apple has not taken the booking application Calendar 2 down, even after Ars Technica informed the organization that <a href="https://itunes.apple.com/us/app/calendar-2/id415181149?mt=12">Calendar 2</a> has been mining virtual currency. <br /> <br /> The application is a buffed-up variant of Apple's Calendar application in <a href="http://www.hackerschronicle.com/search/label/macOS">macOS</a>, yet as of late, its designer, Qbix, added additional code to mine <a href="http://www.hackerschronicle.com/search/label/Monero">monero</a>, an advanced coin propelled in April 2014 and intended to be a more unknown adaptation of bitcoin, as you can't see exchanges on an open record. That makes Calendar 2 something of an irregularity in the App Store — there don't have all the earmarks of being other mining applications in the store, not to mention applications that utilization mining as an approach to get extra an incentive from non-paying clients. <br /> <br /> The miner keeps running in return for giving the clients a chance to get to more premium highlights. Clients can quit by keeping premium highlights off or paying for them through the App Store. <br /> <br /> Be that as it may, as Ars noticed, the application had a bug that kept the digger running, regardless of whether clients endeavored to quit, and a moment bug that made the excavator expend a larger number of assets than initially proposed. A client noted on Twitter that the application "<b>ate 200% CPU until the point that I discovered it and murdered it. I didn't expect a mineworker contamination from an App Store seller. Amazing</b>." The application's present rating is two out of five in the App Store, with numerous current surveys docking stars due to the undesirable mining. Qbix expressed that it was highly involved with distributing a fix for the bugs. <br /> <br /> Mining programs tend to support Monero over <a href="http://www.hackerschronicle.com/search/label/Bitcoin">Bitcoin </a>or Ethereum, as Monero has a more CPU-friendly hashing calculation. </div>

Apple App Store Calender2 cryprocurrency mining Cryptocurrency Cryptocurrency Malware Cryptomining mac software macOS Monero Calendar app in Mac App Store is openly mining cryptocurrency in background

A schedule application in the Mac App Store Calendar 2 has been mining cryptocurrency out of sight in return for giving clients extra h...

Read more »

4000 Government Websites Hacked in less than 4 Hours to Mine Cryptocurrency

<div dir="ltr" style="text-align: left;" trbidi="on"> <br /> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnJjqeIjcqU3MGFmsgNnL0NeymCNjU4wfbAPOJzO7r3dusjiHbjsAgXgK-3KytrKTYX_nru_Xf_Jd3jVU4bICc1ulejSq4tNjczTh46yG_aqNpuXbOMn6J4zp77oKxIdldi_BFDqmSTFwa/s1600/United-States-courts-portal-Hacked.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Government Websites Hacked to mine Cryptocurrency" border="0" data-original-height="360" data-original-width="1000" height="230" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhnJjqeIjcqU3MGFmsgNnL0NeymCNjU4wfbAPOJzO7r3dusjiHbjsAgXgK-3KytrKTYX_nru_Xf_Jd3jVU4bICc1ulejSq4tNjczTh46yG_aqNpuXbOMn6J4zp77oKxIdldi_BFDqmSTFwa/s640/United-States-courts-portal-Hacked.jpg" title="Government Websites Hacked to mine Cryptocurrency" width="640" /></a></div> Over four thousand high profile government websites have been compromised by <a href="http://www.hackerschronicle.com/search/label/Dark%20Web" target="_blank">dark web</a> hackers across the globe, mining virtual currency secretly, and particularly Monero.<br /> <br /> <a href="http://www.hackerschronicle.com/search/label/Monero" target="_blank">Monero </a>has become one of the popular cryptocurrency recently especially on the ‘<a href="http://www.hackerschronicle.com/search/label/Dark%20Web" target="_blank">dark web</a>’– a section of the internet that can only be accessed using a special browser which is capable of anonymizing your browsing location as well as identity. Dark web criminals are taking advantage of this anonymity by trading illegal commodities, substances and services using virtual currencies.<br /> <br /> <b>4,275 websites including those in the U.K., the U.S., Ireland, Australian and Canada with government websites with hundreds of thousands of visitors were hacked in less than a period of four hours</b> and unwittingly mined for <a href="http://www.hackerschronicle.com/search/label/Cryptocurrency" target="_blank">cryptocurrency </a>exploiting a security breach. Some of the compromised websites include the <b>United States courts online portal</b>, the <b>United States Information Commissioner Office</b>; the <b>National Health Service</b> in the <b>United Kingdom</b> and the <b>Victorian Parliament </b>website in <b>Australia</b>. The attack by a cryptojacking code hit common websites which had the text-to-speech accessibility script Browsealoud for the visually impaired from Texthelp company.<br /> <br /> Recently, Monero has grown in popularity with a market capitalization of $4 billion. Its privacy feature has contributed to its momentum on the dark web making it harder to track compared to bitcoin.<br /> <br /> The prices of virtual currency in the market skyrocketed recently and as a scheme that has drawn the attention of criminals. <a href="http://www.hackerschronicle.com/search/label/Cyber%20Crime" target="_blank">Cybercrimes </a>increased especially on cryptocurrency as criminals tried to cash in on the skyrocketing crypto prices. The cybercrime industry is recently believed to be overtaking the illegal drug trafficking industry in terms of revenue and hence attracting criminals.<br /> <br /> The hacking process involved insertion of a <a href="http://www.hackerschronicle.com/search/label/Malwares" target="_blank">malicious </a>code that takes over a portion of a victim’s computer and central processing. Therefore the hacker has the ability of opening a website using a browser in order to mine virtual currency.<br /> <br /> The process of mining digital coins requiring less processing power such as Monero is much easier compared to mining bitcoin from websites as it requires powerful specialized computers and software, making Monero mining a better fit for saving on time and energy, making it a very attractive option to criminals.<br /> <br /> The dark web hackers had an easier time as they did not compromise each of the 4,275 websites at once, but rather hacked a globally-used plugin named ‘<b>Browsealoud</b>’ which is capable of reading out text from websites for the blind.<br /> <br /> After the Browsealoud code was hacked, <b>CoinHive’s Monero miner</b> was silently and secretly injected. Thereafter, any website using the Browsealoud plugin was automatically compromised.<br /> <br /> However the cyber-attack was deemed successful as there were basic regulatory measures and requirements over accessibility of some of these government websites that have not been met.</div>

Cryptocurrency Cyber Crime Dark Web Hacking News Monero News 4000 Government Websites Hacked in less than 4 Hours to Mine Cryptocurrency

Over four thousand high profile government websites have been compromised by dark web hackers across the globe, mining virtual currency...

Read more »

Tesla's Cloud Servers Hacked to mine Cryptocurrency

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqqm-HpAKvp8ZK0vh2iwUn4veaWHvZ-jCZ9zwWH12tpXaCB3cCrUiPaS-QurepFgnip3g2A5Ak1shidzjHAecuYx2vp9mEf6KiGe9Qn9Oltl-F-KoacbQHe75_CTbsaiaFy0rcoBuIp707/s1600/Tesla-Servers-Hacked.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Kubernetes Consoles Breached" border="0" data-original-height="455" data-original-width="1250" height="232" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqqm-HpAKvp8ZK0vh2iwUn4veaWHvZ-jCZ9zwWH12tpXaCB3cCrUiPaS-QurepFgnip3g2A5Ak1shidzjHAecuYx2vp9mEf6KiGe9Qn9Oltl-F-KoacbQHe75_CTbsaiaFy0rcoBuIp707/s640/Tesla-Servers-Hacked.png" title="Kubernetes Consoles Breached" width="640" /></a></div> <br /> Hackers have breached Tesla cloud servers used by the company's engineers and have installed malware that mines the <a href="http://www.hackerschronicle.com/search/label/Cryptocurrency" target="_blank">cryptocurrency</a>. The incident took place last year when hackers gained access to Tesla's Kubernetes server, an open-source application used by large companies to manage API and server infrastructure deployed on cloud hosting providers.<br /> <br /> Cloud security firm RedLock —whose experts discovered the hacked server— said hackers found a "pod" inside the <a href="http://www.hackerschronicle.com/search/label/Kubernetes" target="_blank">Kubernetes </a>console that stored login credentials for one of Tesla's AWS cloud infrastructure.<br /> <br /> RedLock says the <a href="http://www.hackerschronicle.com/search/label/AWS" target="_blank">AWS </a>buckets appeared to have been storing sensitive data such as telemetry, but a Tesla Motors spokesperson told in an email the data was from "internally-used engineering test cars only." While there's no evidence intruders stole any data, they did install a mining application that utilized the vast computational resources of Tesla's AWS servers to mine the <a href="http://www.hackerschronicle.com/search/label/Monero" target="_blank">Monero cryptocurrency</a>.<br /> <br /> A Tesla spokesperson told that the company received a notification about the incident and secured the server immediately. RedLock said today the incident took place because Tesla engineers forgot to secure the Kubernetes console with an access password.<br /> <br /> "We maintain a bug bounty program to encourage this type of research, and we addressed this vulnerability within hours of learning about it," Tesla said. "The impact seems to be limited to internally-used engineering test cars only, and our initial investigation found no indication that customer privacy or vehicle safety or security was compromised in any way.”<br /> <br /> It is very clear that these hackers knew what they were doing, as they set up a private mining pool to use for their illegal mining operations only, hid the mining pool behind CloudFlare, configured the mining software to listen for commands on a non-standard port, and throttled the mining software to use only a small portion of <a href="http://www.hackerschronicle.com/search/label/Tesla" target="_blank">Tesla's</a> AWS CPU resources. All of these configuration changes were made to avoid detection. Because they used a custom mining pool, it is unclear how much money this hacker group made.</div>

AWS Cryptocurrency Hacking News Kubernetes Monero News Tesla Tesla's Cloud Servers Hacked to mine Cryptocurrency

Hackers have breached Tesla cloud servers used by the company's engineers and have installed malware that mines the cryptocurrency ....

Read more »

Thousands of Jenkins Servers Hacked to mine Monero

<div dir="ltr" style="text-align: left;" trbidi="on"> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi30dKMYj2OqNHjon8iwHK-B2-NX3L8DMpuxaf4Uz35m9U95sYLWh6_RvDzVGhuVrhQBYPWzbBpLejYYk90VBl9AMWNMvPogHpX7d3VRjqIr5V0IUmp6dSy7nu3y_d2rB5N5Vmkbf9Pebv8/s1600/JenkinsMinerMalware.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Jenkins-Hacked-to-Mine-Monero" border="0" data-original-height="455" data-original-width="1250" height="232" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi30dKMYj2OqNHjon8iwHK-B2-NX3L8DMpuxaf4Uz35m9U95sYLWh6_RvDzVGhuVrhQBYPWzbBpLejYYk90VBl9AMWNMvPogHpX7d3VRjqIr5V0IUmp6dSy7nu3y_d2rB5N5Vmkbf9Pebv8/s640/JenkinsMinerMalware.png" title="Jenkins-Hacked-to-Mine-Monero" width="640" /></a></div> A hacker group has made over $3 million by breaking into Jenkins servers and installing malware that mines the Monero cryptocurrency.<br /> <br /> Hackers are targeting <a href="http://www.hackerschronicle.com/search/label/Jenkins" target="_blank">Jenkins</a>, a continuous integration/deployment web application built in Java that allows dev teams to run automated tests and execute various operations based on test results, including deploying new code to production servers. Because of this, Jenkins servers are extremely popular with both freelance web developers, but also with large enterprises.<br /> <br /> A cyber security research firm announced it uncovered the footprint of a large hacking operation targeting Jenkins servers left connected to the Internet.<br /> <br /> <b>Hackers using Jenkins RCE flaw</b><br /> Attackers were leveraging <a href="https://jenkins.io/security/advisory/2017-04-26/" target="_blank">CVE-2017-1000353</a>, a vulnerability in the Jenkins Java deserialization implementation that allows attackers to run malicious code remotely without needing to authenticate first. Hackers used this vulnerability to make Jenkins servers download and install a <a href="http://www.hackerschronicle.com/search/label/Monero" target="_blank">Monero </a>miner (minerxmr.exe).<br /> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGiJBIbSv3T6AcNnIggGFU6KI9Fa7h_RMAkL2X178JZtCNr18o3UaL6pDbIrFHphdQhExL1qczWJZima4L3odaVMSPBcfBENnzYP2UvBu0xMYyf3g12jVpeh5-tHTLbcfz8CFuWHiG5EZ3/s1600/Jenkins-Servers-Hacked.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Jenkins-Servers-Hacked" border="0" data-original-height="438" data-original-width="894" height="312" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjGiJBIbSv3T6AcNnIggGFU6KI9Fa7h_RMAkL2X178JZtCNr18o3UaL6pDbIrFHphdQhExL1qczWJZima4L3odaVMSPBcfBENnzYP2UvBu0xMYyf3g12jVpeh5-tHTLbcfz8CFuWHiG5EZ3/s640/Jenkins-Servers-Hacked.png" title="Jenkins-Servers-Hacked" width="640" /></a></div> The miner was being downloaded from an IP address located in <a href="http://www.hackerschronicle.com/search/label/Chinese%20Hackers" target="_blank">China </a>and assigned to the Huaian government network. It is unclear if this is the attacker's server, or a compromised server used to host the miner on behalf of the hackers.<br /> <br /> The attackers have been active for months. This has allowed them to mine and already <b>cash out over 10,800 Monero, which is over $3.4 million</b>, at the time of writing.<br /> <div class="separator" style="clear: both; text-align: center;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAqpuzY6xKEdjtbSmFtVncj31DDAvoeEG1EWeQhjXtUuETPrbwk2kSmDGOM-LnQyGWO_h9yvUBMqsK8YJ89JXXivyRoJryex7oY0lESJFLvrzSy6GjANkgpdJ_SN23HSFr9OMHvLoQy1vc/s1600/Monero-Mining-Malware.png" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img alt="Monero-Mining-Malware" border="0" data-original-height="475" data-original-width="1175" height="257" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiAqpuzY6xKEdjtbSmFtVncj31DDAvoeEG1EWeQhjXtUuETPrbwk2kSmDGOM-LnQyGWO_h9yvUBMqsK8YJ89JXXivyRoJryex7oY0lESJFLvrzSy6GjANkgpdJ_SN23HSFr9OMHvLoQy1vc/s640/Monero-Mining-Malware.png" title="Monero-Mining-Malware" width="640" /></a></div> Researchers say the group appears to have compromised mostly Jenkins instances running on Windows operating systems.<br /> <br /> <b>Over 25,000 Jenkins servers left exposed online</b><br /> Attackers aren't the only ones who've noticed the large number of Jenkins servers available online. In mid-January, security researcher Mikail Tunç published <a href="https://emtunc.org/blog/01/2018/research-misconfigured-jenkins-servers/" target="_blank">research</a> highlighting that there were over 25,000 Jenkins servers left exposed to Internet connections at the time of his research.<br /> <br /> Also on Friday, Researchers released new research on other hackers leveraging the <b>CVE-2017-10271</b> flaw to infect Oracle WebLogic servers with malware. This vulnerability has been under active exploitation <b>since early December 2017</b>, and one group has already made <b>more than $226,000</b>.<br /> <br /> Besides Jenkins and <b>Oracle WebLogic</b> servers, hackers are also targeting <b>Ruby on Rails, PHP, and IIS </b>servers, also deploying Monero-mining malware.<br /> <br /> Monero-mining malware is already this year's biggest <a href="http://www.hackerschronicle.com/search/label/Malwares" target="_blank">malware trend/problem</a>, with numerous malware distribution campaigns spreading such payloads on any unsecured computer/server crooks can get their hands on.</div>

Cryptocurrency Hacking News Jenkins Malwares Miner Monero News Thousands of Jenkins Servers Hacked to mine Monero

A hacker group has made over $3 million by breaking into Jenkins servers and installing malware that mines the Monero cryptocurrency. H...

Read more »