Crypto miners’ latest techniques

From cybersecurity.att.com

Persistence mechanism

Crypto miners are determined in their objective of mining in other people’s resources. Proof of this is one of the latest samples identified with AT&T Alien Labs, with at least 100 different loaders and at least 4 different stages to ensure their miner and backdoor run smoothly in the infected systems.

Key takeaways:

  • Attackers have been sending malicious attachments, with a special emphasis on Mexican institutions and citizens.
  • The techniques observed in these samples are known but still effective to keep infecting victims with their miners. Reviewing them assists in reminding defenders the current trends and how to improve their defenses.
  • The wide variety of loaders in conjunction with the staged delivery of the miner and backdoor malwares, shows how determined the attackers are to successfully deliver their payloads.

Read more…