The Cisco Talos Intelligence Group, a cybersecurity outfit, has fingered a group of cybercriminals as the culprits behind a large number of malware attacks focused on illegal cryptocurrency mining that have affected many victims all over the world. According to the report, published on Tuesday the 17th of September, the group has gathered a total of about $100,000 in Monero (XMR) through its various malware attacks.
Identified as “Panda”, the group usually makes use of several remote access tools (RATs), as well as some other specifically tailored software, to identify and exploit computers and software that are somewhat vulnerable. These tools not only enable the group to mine crypto, but also allow it to steal private information from targeted networks.
The report also states that the group is very quick to tweak its tools and mode of operation whenever it’s discovered, making them a bit more obscure and less discoverable by security experts. Talos first observed Panda back in July last year, and since then the group has updated its tools, building better hacking infrastructure.
According to the report:
“We believe Panda is a legitimate threat capable of spreading cryptocurrency miners that can use up valuable computing resources and slow down networks and systems. Talos confirmed that organizations in the banking, healthcare, transportation, telecommunications, IT services industries were affected in these campaigns.”
The report further describes Panda as one of the most consistent players in illegal mining attacks. These attacks are still increasing in frequency, and perpetrators are seeking new ways to target unsuspecting victims.