XBash malware combines ransomware, coinminer, botnet, & worm features

Brink

Brink

Administrator
Staff member
Local time
8:31 AM
Messages
74,887
Location
Oklahoma
XBash malware combines ransomware, coinminer, botnet, & worm features

New malware strain has been discovered in the wild that combines features from four types of malware categories --ransomware, coinminers, botnets, and worms-- to create a dangerous cocktail that has been wreaking havoc among Linux and Windows servers.

Named XBash, this new malware strain is the work of a well-known criminal group previously identified under the codenames of Iron [1, 2] and Rocke, and which has been extremely active in the past two years.

Iron has been tied to ransomware distribution campaigns, but also to a massive crypto-mining operation. Cisco Talos has called this group "the champion of Monero miners," and has hinted the group may be based in China.

Until now, the Iron group has focused on one operation at a time, using specific malware for specific tasks. It deployed ransomware in 2017 and early 2018, and then switched to spreading a cryptocurrency miner (coinminer) in 2018.

But Palo Alto Networks researchers say the group has now rolled out the new XBash malware strain that is a combination of all their previous tactics, rolling a botnet-like structure together with coinminer and ransomware functionality, all into one...
Click to expand...


Read more:
 

My Computer My Computer

At a glance

64-bit Windows 11 Pro for WorkstationsIntel i7-8700K OC'd to 5 GHz64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600...ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
Computer type
PC/Desktop
Computer Manufacturer/Model Number
Self built custom
OS
64-bit Windows 11 Pro for Workstations
CPU
Intel i7-8700K OC'd to 5 GHz
Motherboard
ASUS ROG Maximus XI Formula Z390
Memory
64 GB (4x16GB) G.SKILL TridentZ RGB DDR4 3600 MHz
Graphics Card(s)
ASUS ROG-STRIX-GTX1080TI-O11G-GAMING
Sound Card
Integrated
Monitor(s) Displays
2 x Samsung Odyssey G7 27"
Screen Resolution
2560x1440
Hard Drives
1TB Samsung 990 PRO M.2,
4TB Samsung 990 PRO PRO M.2,
TerraMaster F8 SSD Plus NAS
PSU
Seasonic Prime Titanium 850W
Case
Thermaltake Core P3
Cooling
Corsair Hydro H115i
Keyboard
Logitech wireless K800
Mouse
Logitech MX Master 4
Internet Speed
2 Gb/s Download and 100 Mb/s Upload
Antivirus
Malwarebyte Anti-Malware Premium
Browser
Google Chrome
Other Info
Logitech Z625 speaker system,
Logitech BRIO 4K Pro webcam,
HP Color LaserJet Pro MFP M477fdn,
APC SMART-UPS RT 1000 XL - SURT1000XLI,
Galaxy S23 Plus phone
You must log in or register to reply here.

Similar threads

New Moriya rootkit stealthily backdoors Windows systems
Replies
0
Views
983
Brink
Brink
Cryptocurrency mining malware disables security to remain undetected
Replies
0
Views
746
Brink
Brink
Hacking group returns, switches from ransomware to trojan malware
Replies
1
Views
1K
ShadouFox
ShadouFox
New Nodersok malware has infected thousands of PCs
Replies
2
Views
2K
TechnoMage2016
TechnoMage2016
Thanatos ransomware: Free decryption tool released
Replies
0
Views
1K
Brink
Brink
Back
Top