securitybreach Posted September 11, 2022 Posted September 11, 2022 Quote In brief AT&T cybersecurity researchers have discovered a sneaky piece of malware targeting Linux endpoints and IoT devices in the hopes of gaining persistent access and turning victims into crypto-mining drones. The malware was dubbed "Shikitega" for its extensive use of the popular Shikata Ga Nai polymorphic encoder, which allows the malware to "mutate" its code to avoid detection. Shikitega alters its code each time it runs through one of several decoding loops that AT&T said each deliver multiple attacks, beginning with an ELF file that's just 370 bytes. Shikitega also downloads Mettle, a Metasploit interpreter that gives the attacker the ability to control attached webcams and includes a sniffer, multiple reverse shells, process control, shell command execution and additional abilities to control the affected system. AT&T didn't say how the initial infection occurs, but it did say Shikitega exploits two Linux vulnerabilities disclosed in 2021 to achieve its ultimate objective, which AT&T said appears to be the installation and execution of the XMRig cryptocurrency miner. The final stage also establishes persistence, which Shikitega does by downloading and executing five shell scripts that configure a pair of cron jobs for the current user and a pair for the root user using crontab, which it can also install if not available....... https://www.theregister.com/2022/09/10/in_brief_security/ 3 Quote
sunrat Posted September 12, 2022 Posted September 12, 2022 Crypto mining is about to become redundant. Yay! The amount of electricity used has long been a serious thorn in its side. Cryptocurrency Ethereum is about to cut its emissions by 99 per cent — a huge shake-up that will challenge Bitcoin Quote Ethereum's project involves ditching the "proof of work" model for a new one called "proof of stake". Under this model, crypto transactions are validated by users, who stake substantial quantities of blockchain tokens (in this case, Ethereum coins) as collateral. If the users act dishonestly, they lose their stake. Importantly, it will mean the vast network of supercomputers currently used to check transactions will no longer be required, because users themselves are doing the checking — a relatively easy task. Doing away with the computer "miners" will lead to an estimated 99 per cent drop in Ethereum's electricity use. Still needs work to prevent the billions defrauded in scams. Experts have said investing in cryptocurrency is just gambling that other people are more stupid than you. Quote
abarbarian Posted September 12, 2022 Posted September 12, 2022 9 hours ago, sunrat said: Still needs work to prevent the billions defrauded in scams. Experts have said investing in cryptocurrency is just gambling that other people are more stupid than you. Gambling is the word if folk are trusting ordinary folk to do the checks, "it will mean the vast network of supercomputers currently used to check transactions will no longer be required, because users themselves are doing the checking — a relatively easy task. " Quote
securitybreach Posted September 13, 2022 Author Posted September 13, 2022 Cryptocurrencies have always just been a crapshoot 1 Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.