- Hackers Exploiting Microsoft Servers to Mine Monero – Makes $63,000 In 3 Months
Mining cryptocurrencies can be a costly investment as it takes a monstrous amount of computing power, and thus hackers have started using malware that steals computing resources of computers it hijacks to make lots of dollars in digital currency. The Security researchers at security firm ESET have spotted one such malware that infected hundreds of Windows web servers with a malicious cryptocurrency miner and helped cybercriminals made more than $63,000 worth of Monero (XMR) in just three months. According to a report published by ESET today, cybercriminals only made modifications to legitimate open source Monero mining software and exploited a known vulnerability in Microsoft IIS 6.0 to secretly install the miner on unpatched Windows servers. The vulnerability (CVE-2017-7269) exploited by the attackers was discovered in March 2017 by Zhiniang Peng and Chen Wu and resides in the WebDAV service of Microsoft IIS version 6.0—the web server in Windows Server 2003 R2. So that attacker can target unpatched windows server 2003.
Cyber Security Tips: Users and administrators are strongly recommended that install patch as soon as possible, keep your systems up-to-date and keep using reputed antivirus software.
- Popular GoKeyboard App Spying on Millions of Android Users
If you are using the popular keyboard app called GoKeyboad, bad news for you. According to researchers, there are two variants of Go Keyboard available on Google namely “GO Keyboard – Emoji keyboard, a Swipe input, GIFs” and “GO Keyboard – Emoticon keyboard, Free Theme, GIF.“ Both versions send out private data to remote servers and execute unauthorized code on the android device. Each of the versions has about 100k to 500k downloads so far, and on Play Store these apps are rated at 4.5 and 4.4 stars. Researchers from AdGuard became alerted about suspicious spying acts of keyboard apps after Touchpal keyboard app was identified to display ads on HTC devices earlier in 2017. It was suspected that GOMO developer team was trying to collect private and confidential data such as the email address used to connect with Google Play Store, Android version, screen size, network type and phone’s make/model number.
Cyber security Tips: Android users are strongly recommended that avoid using this application if you have already installed it you are recommended to uninstall it and reset your all passwords and keep monitoring your accounts.