Cryptojacking Archives • Daily CyberSecurity

Vibe Coding the Apocalypse: McAfee Uncovers AI-Generated Malware Scaling Global Attacks AI-Generated Malware Vibe Coding Attacks

Vibe Coding the Apocalypse: McAfee Uncovers AI-Generated Malware Scaling Global Attacks

Do Son March 23, 2026

A widespread malware campaign has been caught casting a massive net across the internet, hiding malicious code...

New Mirai Variant and “Monaco” Miner Targeting Linux Devices Linux Malware CondiBot

New Mirai Variant and “Monaco” Miner Targeting Linux Devices

Do Son March 20, 2026

Security researchers at Eclypsium have identified two distinct and previously undocumented malware strains targeting Linux-based systems. On...

Locked Out of the Cloud: Hackers Use AWS Termination Protection to Hijack ECS for Unstoppable Crypto Mining AWS Cryptojacking, Termination Protection

AWS Cryptojacking, Termination Protection

Locked Out of the Cloud: Hackers Use AWS Termination Protection to Hijack ECS for Unstoppable Crypto Mining

Do Son December 18, 2025

In a striking display of cloud-native tradecraft, cybercriminals have been caught turning legitimate AWS environments into illicit...

GhostGrab Android Malware Combines Covert Monero Mining with Financial Credential Theft Qinglong Vulnerability Active Exploitation GhostGrab Hybrid Malware, Monero Mining

Qinglong Vulnerability Active Exploitation GhostGrab Hybrid Malware, Monero Mining

GhostGrab Android Malware Combines Covert Monero Mining with Financial Credential Theft

Do Son October 28, 2025

CYFIRMA Threat Intelligence has released an in-depth technical report on GhostGrab, a sophisticated Android malware family that...

North Korea’s Famous Chollima APT Uses Trojanized Node.js App to Deploy OtterCookie RAT for Crypto Theft

Do Son October 17, 2025

A new report from Cisco Talos has exposed a malware campaign linked to Famous Chollima, a North...

Astaroth Malware Uses Steganography in GitHub Images for Covert C2 Backup and Brazilian Bank Theft Astaroth GitHub C2, Steganography

Astaroth Malware Uses Steganography in GitHub Images for Covert C2 Backup and Brazilian Bank Theft

Do Son October 14, 2025

The McAfee Threat Research team has uncovered a new and sophisticated Astaroth malware campaign — using GitHub...

New Android Malware Impersonates Indian Banks to Steal Data & Secretly Mine Monero Android Malware, Cryptojacking

New Android Malware Impersonates Indian Banks to Steal Data & Secretly Mine Monero

Do Son August 5, 2025

The McAfee Mobile Research Team has uncovered a sophisticated Android malware campaign that poses a dual threat...

Koske Malware: AI-Generated Cryptojacker Hides in Panda Images to Infect Linux Servers Firefox Security, Crypto Wallets skidmap trojan

Koske Malware: AI-Generated Cryptojacker Hides in Panda Images to Infect Linux Servers

Do Son July 27, 2025

Aqua Security’s Nautilus research team has uncovered a malware campaign. Dubbed Koske, this advanced Linux malware shows...

Soco404: New Stealthy Cryptojacking Campaign Exploits Cloud Misconfigurations and PostgreSQL to Mine Crypto

Do Son July 25, 2025

Wiz Research has uncovered a persistent and evolving cryptojacking operation known as “Soco404,” a campaign that exploits...

Mimo Strikes Magento: New Campaign Shifts to Cryptojacking, Proxyjacking, & Stealthy Persistence Magento Compromise, Cryptojacking

Mimo Strikes Magento: New Campaign Shifts to Cryptojacking, Proxyjacking, & Stealthy Persistence

Do Son July 23, 2025

The once Craft CMS-focused threat actor known as Mimo—or Mimo’lette—has resurfaced with new vigor, broadening its scope...

RedLine Stealer Unleashed: Inno Setup Installers Abused for Stealthy Data Theft & Cryptowallet Draining RedLine Stealer, Inno Setup Exploit

RedLine Stealer Unleashed: Inno Setup Installers Abused for Stealthy Data Theft & Cryptowallet Draining

Do Son July 8, 2025

In a recent technical deep dive, the Splunk Threat Research Team (STRT) dissected a multi-stage malware campaign...

XMRig Cryptojacking Surges: New Campaign Uses LOLBAS, Steals Monero Undetected XMRig Cryptojacking, LOLBAS

XMRig Cryptojacking Surges: New Campaign Uses LOLBAS, Steals Monero Undetected

Do Son July 8, 2025

A new wave of XMRig-based cryptojacking malware is making headlines again—leveraging simple scripting, LOLBAS techniques, and stealthy...

Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours Exploit Jupyter Notebooks

Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours

Do Son July 4, 2025

The Wiz Research Team has uncovered a stealthy and rapidly executed exploitation chain leveraging a misconfigured Java...

Tor Meets Docker: Sophisticated Crypto-Mining Campaign Hijacks Misconfigured APIs

Do Son June 19, 2025

Trend Micro researchers have uncovered a stealthy new attack method that fuses misconfigured Docker remote APIs with...

Librarian Ghouls APT: The Threat Actor Turning Legitimate Tools into a Cybercrime Toolkit

Do Son June 10, 2025

A stealthy Advanced Persistent Threat (APT) group tracked as Librarian Ghouls—also known by aliases Rare Werewolf and...

From Cheats to Compromise: Blitz Malware Exploits Gamers via Backdoored Standoff 2 Cheats Blitz infection chain

From Cheats to Compromise: Blitz Malware Exploits Gamers via Backdoored Standoff 2 Cheats

Do Son June 9, 2025

Unit 42, the threat intelligence arm of Palo Alto Networks, has uncovered a malware campaign involving Blitz,...

JINX-0132: Cryptojackers Exploit Misconfigured DevOps Environments Cryptojacking, DevOps Security

JINX-0132: Cryptojackers Exploit Misconfigured DevOps Environments

Do Son June 3, 2025

Wiz Threat Research has uncovered a stealthy cryptojacking operation exploiting misconfigured DevOps environments. Dubbed “JINX-0132”, the campaign...

RedisRaider Worm Exploits Misconfigured Redis for Cryptojacking RedisRaider, cryptojacking

RedisRaider Worm Exploits Misconfigured Redis for Cryptojacking

Do Son May 9, 2025

In a recent revelation by Datadog Security Research, a sophisticated cryptojacking campaign has been uncovered that exploits...

Massive Cyber Campaign Exploits 4,000 ISP IPs in the U.S. and China for Credential Theft and Cryptojacking ISP Infostealer Campaign

Massive Cyber Campaign Exploits 4,000 ISP IPs in the U.S. and China for Credential Theft and Cryptojacking

Do Son March 6, 2025

A new cybersecurity report from The Splunk Threat Research Team has uncovered a widespread infostealer and cryptomining...

Aviatrix Controller RCE CVE-2024-50603 Exploited in the Wild: Cryptojacking and Backdoors Deployed CRussian Market, "Fly" (Flyded) hange Healthcare Cyberattack - CVE-2024-50603 Exploit

CRussian Market, "Fly" (Flyded) hange Healthcare Cyberattack - CVE-2024-50603 Exploit

Aviatrix Controller RCE CVE-2024-50603 Exploited in the Wild: Cryptojacking and Backdoors Deployed

Do Son January 12, 2025

A critical Remote Code Execution (RCE) vulnerability, CVE-2024-50603, has been identified in Aviatrix Controller, with the maximum...

Critical Alert 3 Active Exploits Detected Today

Critical Alert

Cryptojacking

Vibe Coding the Apocalypse: McAfee Uncovers AI-Generated Malware Scaling Global Attacks

New Mirai Variant and “Monaco” Miner Targeting Linux Devices

GhostGrab Android Malware Combines Covert Monero Mining with Financial Credential Theft

North Korea’s Famous Chollima APT Uses Trojanized Node.js App to Deploy OtterCookie RAT for Crypto Theft

Astaroth Malware Uses Steganography in GitHub Images for Covert C2 Backup and Brazilian Bank Theft

New Android Malware Impersonates Indian Banks to Steal Data & Secretly Mine Monero

Koske Malware: AI-Generated Cryptojacker Hides in Panda Images to Infect Linux Servers

Mimo Strikes Magento: New Campaign Shifts to Cryptojacking, Proxyjacking, & Stealthy Persistence

RedLine Stealer Unleashed: Inno Setup Installers Abused for Stealthy Data Theft & Cryptowallet Draining

XMRig Cryptojacking Surges: New Campaign Uses LOLBAS, Steals Monero Undetected

Exposed JDWP Debug Ports Under Attack: Cryptominers Infiltrating Java Apps in Hours

Librarian Ghouls APT: The Threat Actor Turning Legitimate Tools into a Cybercrime Toolkit

From Cheats to Compromise: Blitz Malware Exploits Gamers via Backdoored Standoff 2 Cheats

RedisRaider Worm Exploits Misconfigured Redis for Cryptojacking

Massive Cyber Campaign Exploits 4,000 ISP IPs in the U.S. and China for Credential Theft and Cryptojacking

Aviatrix Controller RCE CVE-2024-50603 Exploited in the Wild: Cryptojacking and Backdoors Deployed