• Iot Forum
  • About us
  • Write for us
  • Contact us
  • Newsletter signup
IOT News - Internet of Things
  • IoT Forum
  • Hardware
    • Networking
  • Smart Home
  • Digital Transformation
    • All
    • Artificial Intelligence
    • Blockchain IoT
    • Enterprise IoT
    • Industrial IoT
    • Machine Learning
    • Smart City
    Top 5 trends for API-powered digital transformation in 2021

    Top 5 trends for API-powered digital transformation in 2021

    ONE Tech Launches Edge AI that Embeds and Trains AI Models Directly on MCU’s

    ONE Tech Launches Edge AI that Embeds and Trains AI Models Directly on MCU’s

    Awake Security Advances AI-powered Security for Faster Threat Protection and Remediation

    BlackSky awarded IARPA contract to develop next generation artificial intelligence platform

    • Wearables
    • Artificial Intelligence
    • Machine Learning
    • Industrial IoT
  • Cloud
  • Security
  • 5G IoT
  • Cars
No Result
View All Result
  • IoT Forum
  • Hardware
    • Networking
  • Smart Home
  • Digital Transformation
    • All
    • Artificial Intelligence
    • Blockchain IoT
    • Enterprise IoT
    • Industrial IoT
    • Machine Learning
    • Smart City
    Top 5 trends for API-powered digital transformation in 2021

    Top 5 trends for API-powered digital transformation in 2021

    ONE Tech Launches Edge AI that Embeds and Trains AI Models Directly on MCU’s

    ONE Tech Launches Edge AI that Embeds and Trains AI Models Directly on MCU’s

    Awake Security Advances AI-powered Security for Faster Threat Protection and Remediation

    BlackSky awarded IARPA contract to develop next generation artificial intelligence platform

    • Wearables
    • Artificial Intelligence
    • Machine Learning
    • Industrial IoT
  • Cloud
  • Security
  • 5G IoT
  • Cars
No Result
View All Result
IOT News - Internet of Things
No Result
View All Result
Home Security

Cybereason Discovers a Global Outbreak of Malware Attacks Using Bitbucket Share Article

Cybercriminals are carrying out targeted attacks against companies around the world utilizing a shotgun approach with many different types of malware. Cybereason's researchers determined 500,000 + workstations are infected around the world.

IoTNews.com by IoTNews.com
February 7, 2020
in Security
0
Cybereason Discovers a Global Outbreak of Malware Attacks Using Bitbucket Share Article
21
SHARES
68
VIEWS
Share on FBShare on TwitterShare on LinkedinReddit

Cybereason, creators of the leading Cyber Defense Platform, today announced that its Nocturnus research team released its newest research findings The Hole in the Bucket, which uncovers an arsenal of malware actively abusing Bitbucket to steal data, mine for cryptocurrency, and deliver ransomware to victims all over the world. Today, more than 500,000 workstations have been infected.

Due to the variety of malware types deployed in this active attack, attackers are not limited to one attack vector, but can hit victims over and over again. The payloads observed in this campaign originated from different accounts in the code repository platform Bitbucket, which was abused as part of the attackers delivery infrastructure.

Key Findings:

  • Abuses Resource Sharing Platforms: This ongoing campaign abuses the Bitbucket infrastructure to store and distribute a large collection of different malware.

Attacks From All Sides: This campaign is able to steal sensitive browser data, cookies, email client data, system information, and two-factor authentication software data, along with cryptocurrency from digital wallets. It is also able to take pictures using the camera, take screenshots, mine Monero, and, in certain cases, also deploy ransomware.

  • Far Reaching: This ongoing campaign has infected over 500,000 machines worldwide thus far.

Modular and Constantly Updating: The attackers leverage Bitbucket to easily update payloads and distribute many different types of malware at once. In order to evade detection, they have an array of user profiles and continuously update their repositories, at times as often as every hour.

  • Malware Variety: The attackers use the Evasive Monero Miner to steal a combination of data, mine cryptocurrency, and deploy other malware, including the Vidar stealer, Amadey Bot, and IntelRapid. They also use Predator the Thief, Azorult, and the STOP ransomware over the course of the campaign.
  • Devastating Impact: The combination of so many different types of malware exfiltrating so many different types of data can leave organizations unworkable. This threat is able to compromise system security, violate user privacy, harm machine performance, and cause great damage to individuals and corporations by stealing and spreading sensitive information, all before infecting them with ransomware.

“This research is interesting because of how the attackers infect a single target machine with multiple different kinds of malware. These kinds of commodity malware are often used for a one-off infection to steal data on the machine and sell it in underground hacking communities. However, in this attack, the attackers chose to integrate malware like coin miners and ransomware, which gives them a more persistent source of revenue,” said Lior Rochberger, Threat Hunter, Cybereason

About Cybereason
Cybereason, creators of the leading Cyber Defense Platform, gives the advantage back to the defender through a completely new approach to cybersecurity. Cybereason offers endpoint prevention, detection and response and active monitoring. The solution delivers multi-layered endpoint prevention by leveraging signature and signatureless techniques to prevent known and unknown threats in conjunction with behavioral and deception techniques to prevent ransomware and fileless attacks.

JOIN OUR IoT COMMUNITY
IoTForums.com
×
Continue to iotForums.com
Internet of Things platforms, projects, development, devices & support forum
for developers and enthusiasts
Tags: bitbucketcybereasoncybersecurity
Share14Tweet3Share1Share
Previous Post

WISeKey’s Global Cybersecurity to Protect People’s Privacy and Critical Infrastructures

Next Post

Autonomous delivery vehicle set to roll after getting US approval

Related Posts

AWS Announces General Availability of Amazon Fraud Detector

ExtraHop Threat Research Team Finds One in Three IT Environments Vulnerable to Ripple20 Threat

by IoTNews.com
September 11, 2020
0

SEATTLE: ExtraHop, the leader in cloud-native network detection and response, today issued a report warning of the potential impact of...

Awake Security Advances AI-powered Security for Faster Threat Protection and Remediation

Awake Security Advances AI-powered Security for Faster Threat Protection and Remediation

by IoTNews.com
July 24, 2020
0

Awake Security, the only advanced network detection and response company that delivers answers, not alerts, today announced platform enhancements that...

Sequitur Labs Launches EmSPARK 2.0 Security Suite for Critical IoT Device Protection

Sequitur Labs Launches EmSPARK 2.0 Security Suite for Critical IoT Device Protection

by IoTNews.com
July 22, 2020
0

Sequitur Labs today debuted the next generation of its comprehensive approach to embedded system security with the launch of EmSPARK™...

IoT Forum Discussions

Realtek RTL8722DM Arduino Compatible WiFi + BLE IoT development board
Realtek RTL8722DM Arduino Compatible WiFi + BLE IoT development board

Realtek's RTL8722DM development board has recently added support for the Arduino IDE. It is an IoT-ready MCU powered by an ARM Cortex-M4 core at up to 200MHz coupled with a Cortex-M0 core at up to 20MHz. It is specially designed to be pin-compatible with the Arduino UNO, can be programmed using the Arduino IDE and supports most of the Arduino base examples and expansion boards. In addition to the standard MCU... Realtek RTL8722DM Arduino Compatible WiFi + BLE IoT development board [...]

Happy CNY Eink

Wish everybody has good luck in the coming year!!! The project is made of E-ink screen, RTL8722_mini and a buzzer. [...]

MicroPython for IoT?
MicroPython for IoT?

MicroPython is a platform if you are sick of traditional embedded system development. Let us play together. RTL8722DM MicroPython SDK. MicroPython SDK is the first time Ameba combined python and c language to make up an SDK. Also, the runtime debug is supported. Please, Log in or Register to view URLs content! Please, Log in or Register to view URLs content! [...]

SUBSCRIBE TO OUR FREE NEWSLETTER
* we never share your e-mail with third parties.
SUBSCRIBE NOW

Categories

  • 5G IoT
  • Artificial Intelligence
  • Blockchain IoT
  • Cloud Computing
  • Connected Car
  • Digital Transformation
  • Enterprise IoT
  • Industrial IoT
  • IoT Hardware
  • Machine Learning
  • Networking
  • Security
  • Smart City
  • Smart Home
  • Wearables

Stay Connected with IoTNews

IOT News - Internet of Things

© 2020 IoTNews.com

Navigate Site

  • Home
  • About us
  • Write for us
  • Contact Us
  • Newsletter signup

Follow Us

No Result
View All Result
  • IoT Forum
  • Hardware
    • Networking
  • Smart Home
  • Digital Transformation
    • Wearables
    • Artificial Intelligence
    • Machine Learning
    • Industrial IoT
  • Cloud
  • Security
  • 5G IoT
  • Cars

© 2020 IoTNews.com