StripedFly: Cryptomining Tool Infects 1 Million Targets Worldwide

Security firm Kaspersky Lab has revealed that a cryptominer, which never generated much cryptocurrency for its operators, is part of a larger digital espionage campaign. Since 2017, the platform, known as StripedFly, has infected over a million Windows and Linux targets worldwide. StripedFly was most likely developed as a component of a well-funded state espionage program rather than a cybercriminal operation, because it is modular and has several components for infiltrating targets' devices and gathering various types of data. It also has an update system that allows attackers to add new features and upgrades to the malware.

Among other capabilities, StripedFly can steal access credentials from targeted systems, capture screenshots, obtain databases, private files, movies, or other relevant data, and record audio in real time by breaking into a target's microphone. Interestingly, StripedFly conceals communication and exfiltration between the malware and its command-and-control servers using a novel, proprietary Tor client.

Additionally, there is a ransomware component that attackers have occasionally used. The malware first infects targets using a modified version of the infamous EternalBlue exploit that was published by the US National Security Agency.

While StripedFly can steal Monero cryptocurrency, that is only a portion of what it is capable of. The researchers found this out last year and thoroughly examined it before making their results public.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
