Diaries by Keyword - SANS Internet Storm Center

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Handler on Duty: Didier Stevens

Threat Level: green

Date	Author	Title
CRYPTOCURRENCY MINER
2019-01-10	Brad Duncan	Heartbreaking Emails: "Love You" Malspam
CRYPTOCURRENCY
2022-06-22/a>	Xavier Mertens	Malicious PowerShell Targeting Cryptocurrency Browser Extensions
2022-04-21/a>	Xavier Mertens	Multi-Cryptocurrency Clipboard Swapper
2021-08-30/a>	Xavier Mertens	Cryptocurrency Clipboard Swapper Delivered With Love
2019-01-10/a>	Brad Duncan	Heartbreaking Emails: "Love You" Malspam
2018-10-05/a>	Jim Clausing	A strange spam
2018-01-30/a>	Kevin Liston	Using FLIR in Incident Response?
2018-01-11/a>	Xavier Mertens	Mining or Nothing!
MINER
2023-01-02/a>	Xavier Mertens	NetworkMiner 2.8 Released
2022-04-05/a>	Johannes Ullrich	WebLogic Crypto Miner Malware Disabling Alibaba Cloud Monitoring Tools
2021-12-21/a>	Xavier Mertens	More Undetected PowerShell Dropper
2021-03-19/a>	Xavier Mertens	Pastebin.com Used As a Simple C2 Channel
2020-11-07/a>	Guy Bruneau	Cryptojacking Targeting WebLogic TCP/7001
2020-02-02/a>	Didier Stevens	Video: Stego & Cryptominers
2019-12-26/a>	Xavier Mertens	Bypassing UAC to Install a Cryptominer
2019-04-02/a>	Johannes Ullrich	Fake AV is Back: LaCie Network Drives Used to Spread Malware
2019-01-10/a>	Brad Duncan	Heartbreaking Emails: "Love You" Malspam
2019-01-02/a>	Xavier Mertens	Malicious Script Leaking Data via FTP
2018-11-30/a>	Remco Verhoef	CoinMiners searching for hosts
2018-09-07/a>	Xavier Mertens	Crypto Mining in a Windows Headless Browser
2018-08-30/a>	Xavier Mertens	Crypto Mining Is More Popular Than Ever!
2018-07-13/a>	Xavier Mertens	Cryptominer Delivered Though Compromized JavaScript File
2018-03-05/a>	Xavier Mertens	Malicious Bash Script with Multiple Features
2018-03-04/a>	Xavier Mertens	The Crypto Miners Fight For CPU Cycles
2017-11-13/a>	Guy Bruneau	VBE Embeded Script (info.zip)
2017-09-30/a>	Lorna Hutcheson	Who's Borrowing your Resources?
2017-01-12/a>	Mark Baggett	Some tools updates
2016-11-13/a>	Guy Bruneau	Bitcoin Miner File Upload via FTP
2014-07-07/a>	Johannes Ullrich	Multi Platform *Coin Miner Attacking Routers on Port 32764
2014-04-01/a>	Johannes Ullrich	cmd.so Synology Scanner Also Found on Routers
2013-12-16/a>	Tom Webb	The case of Minerd
2009-11-25/a>	Jim Clausing	Tool updates

CRYPTOCURRENCY MINER

CRYPTOCURRENCY

MINER