coin miner


On 6th December 2017, FortiGuard Labs discovered a compromised website - acenespargc[.]com. Looking into the source code, we noticed a suspicious encrypted script which the uses eval() function to convert all the characters into numbers. We used a tool called CharCode Translator to reverse the numbers back into characters. We were then able to retrieve a link which redirects to a scam page or phishing website. Part 1   Part 2 The above is just a simple example. The threat actor can actually... [Read More]
by RSS Eric Chong  |  Feb 07, 2018  |  Filed in: Security Research
  Introduction The ART team at Fortinet has discovered a new malware named Proteus, a multifunctional botnet written in .NET that appears to be a proxy, coin miner, e-commerce merchant account checker, and keylogger. This particular botnet is downloaded by the Andromeda botnet. The handful of malicious features densely packed in this new malware also includes the ability to drop other malware. We have compiled its main features in this brief analysis. Data Encryption All C&C communication is encrypted with a symmetrical algorithm.... [Read More]
by RSS Donna Wang, Jacob (Kuan Long) Leong  |  Nov 28, 2016  |  Filed in: Security Research