Purple Fox botnet gets worm properties to spread hidden miner


The operators of the Purple Fox botnet have changed how the malware is distributed and now compromise Windows devices by brute-forcing Server Message Block (SMB) passwords. The change was reported by researchers at Guardicore.

The campaign has been running since 2018 and initially relied on exploit kits and phishing emails. The botnet acquired worm properties only at the end of 2020.

Purple Fox scans for open ports and exposed SMB services protected by weak passwords and hashes, then brute-forces them. Once they have penetrated the victim's computer, the malware operators add it to a botnet whose main task is hidden cryptocurrency mining.

A rootkit makes it difficult to detect and remove malware.

Guardicore Labs has identified a vast network of compromised Microsoft IIS 7.5 servers that host the Purple Fox dropper and its payloads.

Guardicore specialist Amit Serper has released detailed information on the Purple Fox attacks, along with indicators of compromise that will allow victims to identify signs of the worm’s presence.
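The SMB password-guessing phase described above also leaves a trail in Windows logon records, which a defender can check alongside the published indicators. The Python code below is an added example, not taken from Guardicore's report: it assumes Security log events 4625 (failed logon) and 4624 (successful logon) with logon type 3 (network) have already been parsed into dictionaries, and the field names, thresholds and sample records are constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

FAILED, SUCCESS, NETWORK = 4625, 4624, 3  # Security event IDs; logon type 3 = network

def find_smb_bruteforce(events, window=timedelta(minutes=5), min_failures=8):
    """Flag sources with >= min_failures failed network logons inside `window`.

    Returns {src_ip: {"failures", "hosts", "compromised"}}; "compromised" holds
    hosts that accepted a network logon from the source after it was flagged.
    """
    recent = defaultdict(deque)  # src_ip -> (time, host) of failures in the window
    findings = {}
    for ev in sorted(events, key=lambda e: e["time"]):
        if ev["logon_type"] != NETWORK:
            continue
        src = ev["src_ip"]
        if ev["event_id"] == FAILED:
            q = recent[src]
            q.append((ev["time"], ev["host"]))
            while ev["time"] - q[0][0] > window:  # drop failures older than window
                q.popleft()
            if len(q) >= min_failures:
                f = findings.setdefault(
                    src, {"failures": 0, "hosts": set(), "compromised": set()})
                f["failures"] = max(f["failures"], len(q))
                f["hosts"].update(host for _, host in q)
        elif ev["event_id"] == SUCCESS and src in findings:
            findings[src]["compromised"].add(ev["host"])
    return findings

def sample_events():
    """Constructed records shaped like parsed Windows Security log entries."""
    t0 = datetime(2021, 1, 1, 2, 0, 0)
    def rec(offset, event_id, src, host):
        return {"time": t0 + timedelta(seconds=offset), "event_id": event_id,
                "logon_type": NETWORK, "src_ip": src, "host": host}
    # One source guesses passwords against two file servers, then gets in.
    evs = [rec(3 * i, FAILED, "203.0.113.7", "FS01" if i % 2 else "FS02")
           for i in range(12)]
    evs.append(rec(40, SUCCESS, "203.0.113.7", "FS01"))
    # Benign: a user mistypes a password twice, then logs on.
    evs += [rec(100 + 20 * i, eid, "192.0.2.10", "FS01")
            for i, eid in enumerate([FAILED, FAILED, SUCCESS])]
    return evs

if __name__ == "__main__":
    for src, f in find_smb_bruteforce(sample_events()).items():
        print(src, f["failures"], sorted(f["hosts"]), sorted(f["compromised"]))
```

A source that fails against several hosts and then succeeds on one is the pattern to escalate first, since a worm will repeat the scan from the newly infected machine.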

Earlier in March, Kaspersky Lab experts detected a new malicious program that hijacks the computing power of Windows-based systems to mine the Monero cryptocurrency.




Fidenge Pecold

My profession is a journalist, but my hobby for 8 years has been studying Forex investing and trading. During this time, I managed to gain extensive experience in investing and trading cryptocurrencies and double my capital in the Forex market. To be the author of this magazine, the site owners invited me to participate in one of the 2020 trading webinars, and I will try to reveal the most relevant crypto market news for you.
