News and Comment: To crypt, or to mine – that is the question


NEWS: Way back in 2013 our malware analysts spotted the first malicious samples related to the Trojan-Ransom.Win32.Rakhni family. That was the starting point for this long-lived Trojan family, which is still functioning to this day. Now the criminals have decided to add a new feature to their creation – a mining capability.


“We’re often remarking on the typical hackers’ penchant for taking the easy option, where possible, which often includes reuse of old techniques and, in this case, old malware code. The resurgence of the Rakhni malware with an updated ability to choose between ransomware and crypto-mining is a sign of the times, as we are now seeing a huge increase in crypto-jacking as the method of choice for cybercriminal revenue generation. However, with such complexity and now flexibility in the design of this particular malware, we shouldn’t be surprised if it gains other tools in its armoury, such as the ability to create a DDoS-for-hire botnet, as another revenue generator for the cyber community. In this case, your endpoint security won’t help you, as it’s other, less well secured, endpoints that’ll be creating the problem. And, in this case, if your organization relies upon its Internet availability, the only way to preserve that is to deploy the latest real-time, automatic, DDoS protection solutions.”

Sean Newman, Director Product Management, Corero Network Security