One Article Review

Home - The article:
Source TrendLabs Security
Identifier 411360
Publication date 2017-09-22 16:01:52 (seen: 2017-09-22 16:01:52)
Title EITest Campaign Uses Tech Support Scams to Deliver Coinhive's Monero Miner
Text We've uncovered the notorious EITest campaign delivering a JavaScript (JS) cryptocurrency miner (detected by Trend Micro as HKTL_COINMINE) using tech support scams as a social engineering lure. These are fraud activities impersonating legitimate technical support services, conning unwitting victims to avail/pay for these services (or hand out financial data), by scaring them that their machine has been infected with malware, for instance. The EITest campaign's main arsenal is compromised websites. Its activity can be traced to as early as 2014 and once used the Angler exploit kit to deliver ransomware. Starting January 2017, it has eschewed exploit kits in favor of “HoeflerText” (a popular font) phishing attacks or  . In a month, we identified 990 compromised websites injected with a malicious script that diverts the would-be victim to a website related to the tech support scam. Of late, though, the campaign has added the Coinhive JS miner into ongoing attacks, turning the victim's computer into a Monero cryptocurrency miner. Analysis also revealed that this JS cryptocurrency miner is the same “Coinhive” JS miner found embedded in The Pirate Bay's website. Post from: Trendlabs Security Intelligence Blog - by Trend Micro
Sent Yes
Tags Guideline
Stories Tesla
Notes


The article does not appear to have been picked up after its publication.


The article does not appear to be a repost of an earlier one.