Malware that mines Monero cryptocurrency re-emerges, affecting over 3,500 websites, according to a recent report.
In a recent development, a resurgence of cryptojacking activities has been detected, with over 3,500 websites worldwide falling victim to a sophisticated Monero mining campaign[1][2][4][5]. This latest wave of cryptojacking is marked by its departure from previous trends, adopting stealthy and persistent techniques to evade detection and maximise profits.
The malware operates covertly, using advanced obfuscation methods such as base64-encoded scripts loaded via deferred `
- The malicious script employed in this cryptojacking campaign does not directly target crypto wallets, but it could theoretically be modified to include a wallet drainer in its payload.
- To maximise profits, the cybercriminals behind this mining campaign are using techniques such as Living Off the Land Binaries and Scripts (LOLBAS) to evade detection and persist across devices.
- Instead of focusing on a traditional cryptocurrency such as Bitcoin, this recent wave of cryptojacking is concentrating on Monero, a cryptocurrency that offers enhanced cybersecurity features to facilitate covert mining activities.
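
A defender-side check for the obfuscation described above (base64-encoded scripts on deferred loads), as an added example that is not part of the original article or the report it cites: it audits a page's script elements for base64 runs that decode to readable JavaScript. It assumes the payload arrives in `<script>` elements; the keyword list, function names and sample HTML are constructed for illustration and are not indicators from the report.

```python
import base64
import re
from html.parser import HTMLParser

B64_RUN = re.compile(r"[A-Za-z0-9+/]{40,}={0,2}")  # long base64-looking runs
# Assumed review keywords (not from the article): APIs an in-browser miner needs.
KEYWORDS = ("WebAssembly", "WebSocket", "new Worker", "eval(")

def decode_runs(text):
    """Yield the decoded text of each base64 run that decodes to readable ASCII."""
    for match in B64_RUN.finditer(text):
        blob = match.group(0)
        blob += "=" * (-len(blob) % 4)  # restore stripped padding
        try:
            decoded = base64.b64decode(blob, validate=True).decode("ascii")
        except ValueError:  # invalid base64 or non-ASCII bytes
            continue
        if all(c.isprintable() or c.isspace() for c in decoded):
            yield decoded

class ScriptAudit(HTMLParser):
    def __init__(self):
        super().__init__()
        self.findings, self._attrs = [], None
    def handle_starttag(self, tag, attrs):
        if tag == "script":
            self._attrs = dict(attrs)
            self._check(self._attrs.get("src") or "")  # data: URI sources
    def handle_data(self, data):
        if self._attrs is not None:  # inline script body
            self._check(data)
    def handle_endtag(self, tag):
        if tag == "script":
            self._attrs = None
    def _check(self, text):
        for decoded in decode_runs(text):
            hits = [k for k in KEYWORDS if k in decoded]
            deferred = "defer" in self._attrs
            self.findings.append({"deferred": deferred, "hits": hits, "decoded": decoded[:80]})

def audit(html):
    parser = ScriptAudit()
    parser.feed(html)
    parser.close()
    return parser.findings

# Constructed sample: a normal script plus a deferred base64 data: URI script.
_JS = b'var w = new Worker("job.js"); var s = new WebSocket("wss://example.invalid/");'
SAMPLE = ('<script src="/static/app.js"></script><script defer src="data:text/javascript;'
          'base64,' + base64.b64encode(_JS).decode() + '"></script>')
```

Calling `audit(SAMPLE)` returns one finding for the deferred script; a finding with an empty `hits` list still merits review, since any decodable script text hidden in base64 is unusual on a page you maintain.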