Hackers Exploit Automated Email Replies to Deploy Stealthy Crypto Mining Malware

The latest tactic involves the now-commonplace email auto-response. According to a recent report from threat intelligence firm Facct, cybercriminals have been hacking into organizations and sending out stealthy crypto mining malware, a tactic aimed at organizations in Russia. This new attack vector leverages auto-response emails sent from previously compromised accounts to spread the XMRig miner.

XMRig Miner Targets Organizations in Russia

Since late May, Facct has detected about 150 emails carrying the XMRig miner, a utility for covertly mining digital assets on victims' devices. These phishing emails targeted businesses, marketplaces, and financial institutions; they were intercepted by the email protection system and never reached the clients.

Exploiting Trust in Email Communication

Facct senior analyst Dmitry Eremenko said the attack is particularly insidious because it plays on the trust established when the victim initiates contact with the compromised email account. “Even if the email doesn’t look persuasive, the established chain of communication may kill suspicion, making the target more likely to interact with the malicious attachment,” Eremenko said.
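One way a mail gateway could triage the pattern described above, shown as an added example rather than Facct's detection logic: it flags messages whose headers mark them as automatic replies yet carry an attachment or a link. The vendor header list, the link check (the report as quoted here mentions only attachments), and the sample message are assumptions constructed for illustration.

```python
import email
import re
from email import policy
from email.message import EmailMessage

URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.IGNORECASE)
# Non-standard markers seen on auto-responders (assumed list, extend as needed).
VENDOR_HEADERS = ("X-Autoreply", "X-Autorespond")


def is_auto_reply(msg):
    """True if the headers mark the message as an automatic response."""
    # Auto-Submitted is the standard marker defined in RFC 3834.
    if (msg.get("Auto-Submitted") or "").strip().lower().startswith("auto-replied"):
        return True
    if (msg.get("Precedence") or "").strip().lower() == "auto_reply":
        return True
    return any(msg.get(h) is not None for h in VENDOR_HEADERS)


def triage(raw_bytes):
    """Flag auto-replies that carry attachments or links."""
    msg = email.message_from_bytes(raw_bytes, policy=policy.default)
    result = {"auto_reply": is_auto_reply(msg), "attachments": [], "urls": []}
    for part in msg.walk():
        if part.is_multipart():
            continue
        name = part.get_filename()
        if name or part.get_content_disposition() == "attachment":
            result["attachments"].append(name or "(unnamed)")
        elif part.get_content_maintype() == "text":
            result["urls"] += URL_RE.findall(part.get_content())
    # An out-of-office notice rarely needs a file or a link; hold it for review.
    result["suspicious"] = result["auto_reply"] and bool(
        result["attachments"] or result["urls"])
    return result


def build_sample(auto, with_attachment):
    """Constructed test message; addresses and file name are placeholders."""
    m = EmailMessage()
    m["From"], m["To"] = "partner@example.org", "employee@example.com"
    m["Subject"] = "Automatic reply: request for quote"
    if auto:
        m["Auto-Submitted"] = "auto-replied"
    m.set_content("I am out of the office until Monday.")
    if with_attachment:
        m.add_attachment(b"constructed placeholder bytes", maintype="application",
                         subtype="octet-stream", filename="invoice.zip")
    return m.as_bytes()
```

A flagged message is a candidate for quarantine or sandboxing, not proof of compromise, since some legitimate auto-responders include signature links.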

XMRig: The Relentless Cyber Threat

XMRig is open-source software for mining the cryptocurrency Monero, favored by hackers since 2020. Variants of the tool were bundled with the “Lucifer” malware in June 2020 and the “FritzFrog” botnet in August 2020, which attacked millions of IP addresses worldwide.

Organization Recommendations

Facct wants organizations to step up their cybersecurity by training employees on current threats and best practices. It also suggests using strong passwords and multi-factor authentication to help avoid attacks of this kind.

Crypto Malware Threat Grows

Crypto malware is getting increasingly sophisticated. Earlier this month, the FBI warned of the SpyAgent malware, which targets Android devices and uses OCR technology to steal cryptocurrency private keys. With the rise in crypto-related scams, $310 million was lost in various exploits last August alone.

As cyber threats evolve, organizations must be quick to adapt their defense strategies to catch these innovative attack vectors.

Source: btc-pulse.com