Nov 20

Threat Intelligence: Make-A-Wish Targeted in Cryptojacking Attack

Make-A-Wish never patched the Drupal vulnerability which has allowed hackers to steal CPU-cycles to allow them to mine Monero cryptocurrency. Researchers have realized the miner has been active since May and is JavaScript-based after taking a quick look at drupalupdates.tk domain.“Embedded in the site was a script using the computing power of visitors to the site to mine cryptocurrency into the cybercriminals’ pockets, making their ‘wish’ to be rich, come true.”

read more →
Nov 15

Threat Intelligence: Bitcoin Giveaway Scam Targets Google

The Google Twitter account for its G Suite cloud subsidiary, which has more than 800,000 followers, has been the most recent target of a growing Bitcoin scam. Many have been asking Twitter to intervene due to the increasing success of these attacks and the growing ability for hackers to compromise verified Twitter accounts. When these accounts are accessed, attackers tweet out a falsified 10,000 Bitcoin giveaway, which equates to around $62,000 dollars.

read more →