Hidden Agenda: The Darker Side of a Prominent Cryptocurrency Mining Botnet
The VMware Carbon Black Threat Analysis Unit (TAU) uncovered various new and previously unknown components of a prominent cryptocurrency mining campaign. The botnet overseeing the operation leverages unique attack patterns designed to bypass application allowlisting, provide remote access, collect and exfiltrate sensitive information, and likely sell access to hundreds of thousands of compromised hosts.
This multistage campaign highlights the need to remain vigilant in protecting your organization, as threats that start off as commodity malware may transform and evolve into complex attacks over time.
Greg Foss, Senior Threat Researcher, and Marina Liang, Senior Threat Analyst, will dive deep into this campaign and present findings that:
- Demonstrate the weaponization of commodity threats
- Highlight the potential hidden impacts of commodity malware
- Show how attribution models can be misleading in an active threat economy
Greg Foss | Senior Threat Researcher @VMware Carbon Black
Marina Liang | Senior Threat Analyst @VMware Carbon Black