Cryptominer gangs go to war over insecure Linux systems


In an effort to gain better control of vulnerable cloud-based infrastructure, two hacking groups behind large-scale cryptojacking campaigns have started targeting each other's cryptominers. The Pacha group, first detected in September 2018, is a Chinese-origin threat group that Intezer Labs described while it was attempting to spread its cryptocurrency-mining malware, Linux.GreedyAntd. The company's researchers found that the group's malware is designed to search for other cryptomining malware present on the systems it infects, although this technique has already been used by similar malware strains. The modular Linux.GreedyAntd malware uses systemd to gain persistence and to make itself harder to detect and remove. The malware is also used to find and remove cryptominers belonging to other cybercrime groups, but the Rocke group is its primary target. Ignacio Sanmillan of Intezer Labs explained in a blog post how Linux.GreedyAntd differs from earlier malware released by the Pacha group: "The main anti-malware infrastructure appears to be identical to previous Pacha campaigns, although it makes a considerable effort to detect and limit Rocke implants."

Sniffing out Rocke

The Rocke group's cryptomining malware also contains a "kill list" that it uses to find and stop any competing cryptojacking malware running on the host. The Pacha group responded by adding a list of obfuscated IP addresses to Linux.GreedyAntd's blacklist, which blocks the rival group's cryptominers by redirecting their traffic on compromised machines. The malware strains of both groups share capabilities, such as the ability to find and disable Tencent Cloud and Alibaba Cloud monitoring and security products, support for the lightweight user-mode rootkit libprocesshider, and an exploit for an Atlassian vulnerability. Cloud infrastructure could face further threats, according to Sanmillan, who explained: "We believe these findings are relevant in the context of increasing awareness of cloud-related threats, particularly on vulnerable Linux servers, with competing groups of threat actors, and this could indicate that threats to cloud infrastructure are growing."

Via BleepingComputer
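The article names three host-side techniques a defender can look for: systemd units used for persistence, the libprocesshider user-mode rootkit (which hides processes by being loaded through /etc/ld.so.preload), and the redirection of a rival miner's traffic. The following audit helpers are an added example written for this page; they are not code from the article, from Intezer Labs, or from either malware family. The path heuristic for unit files and the use of /etc/hosts as the redirection mechanism are assumptions, and all sample inputs are constructed.

```python
"""Defender-side audit helpers for the persistence and hiding techniques the
article describes: systemd persistence, libprocesshider via /etc/ld.so.preload,
and traffic redirection of competitor miners.

Added example, not code from the article, Intezer or the malware. The
/etc/hosts redirection check and the ExecStart path heuristic are assumptions.
"""
import re

# The dynamic loader preloads every object listed in /etc/ld.so.preload, which
# is how libprocesshider hooks readdir() to hide processes. On a clean host the
# file is normally absent or empty, so any entry deserves a look.
KNOWN_PRELOADS = frozenset()  # assumption: nothing is expected on this host


def find_preload_hooks(ld_so_preload_text, known=KNOWN_PRELOADS):
    """Return shared objects listed in /etc/ld.so.preload that are not expected."""
    hooks = []
    for line in ld_so_preload_text.splitlines():
        entry = line.split("#", 1)[0].strip()
        if entry and entry not in known:
            hooks.append(entry)
    return hooks


# Names that legitimately resolve to a loopback address in /etc/hosts.
LOCAL_NAMES = {
    "localhost", "localhost.localdomain", "localhost4", "localhost6",
    "ip6-localhost", "ip6-loopback",
}
BLACKHOLE = {"0.0.0.0", "127.0.0.1", "::1"}


def find_hosts_redirects(hosts_text):
    """Return (address, hostname) pairs that pin a non-local name to a black-hole address.

    Assumption: the competitor's pool or C2 names were redirected via /etc/hosts.
    """
    redirects = []
    for line in hosts_text.splitlines():
        fields = line.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        addr, names = fields[0], fields[1:]
        if addr in BLACKHOLE:
            redirects.extend((addr, n) for n in names if n not in LOCAL_NAMES)
    return redirects


# Heuristic (assumption): unit files whose ExecStart runs a binary from a
# world-writable or hidden directory are typical of malware-installed persistence.
SUSPICIOUS_PATH = re.compile(r"^(?:/tmp|/var/tmp|/dev/shm)/|/\.")


def find_suspicious_units(units):
    """units maps unit name -> unit file text. Return names whose ExecStart looks suspicious."""
    flagged = []
    for name, text in units.items():
        for line in text.splitlines():
            key, _, value = line.partition("=")
            if key.strip() != "ExecStart":
                continue
            argv = value.strip().lstrip("-@+!").split()  # drop systemd exec prefixes
            if argv and SUSPICIOUS_PATH.search(argv[0]):
                flagged.append(name)
                break
    return flagged


# Constructed sample data; none of these values are real artefacts from the campaigns.
SAMPLE_PRELOAD = "/usr/local/lib/libprocesshider.so\n"
SAMPLE_HOSTS = """127.0.0.1 localhost
::1 localhost ip6-localhost ip6-loopback
# constructed: a rival's mining pool pinned to a black hole
0.0.0.0 pool.example-competitor.test
"""
SAMPLE_UNITS = {
    "ssh.service": "[Service]\nExecStart=/usr/sbin/sshd -D\n",
    "update-helper.service": "[Service]\nExecStart=/tmp/.x/update\nRestart=always\n",
}


def audit(preload_text=SAMPLE_PRELOAD, hosts_text=SAMPLE_HOSTS, units=SAMPLE_UNITS):
    """Run all three checks and return the findings keyed by check name."""
    return {
        "preload_hooks": find_preload_hooks(preload_text),
        "hosts_redirects": find_hosts_redirects(hosts_text),
        "suspicious_units": find_suspicious_units(units),
    }


if __name__ == "__main__":
    for check, findings in audit().items():
        print(f"{check}: {findings}")
```

On a live host the three inputs would be read from /etc/ld.so.preload, /etc/hosts and the unit files under /etc/systemd/system; the functions take text so the logic can be exercised offline against the constructed samples above. Note that an empty result from the preload check means only that the hook is not installed through that file, not that no rootkit is present.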