According to a study by Guardicore Labs, a Monero malware botnet known as FritzFrog has been deployed to ten millions of IP addresses. The malware has largely targeted governmental offices, educational institutions, medical centers, banks, and telecommunication companies, installing a Monero mining app known as XMRig. The study explains that FritzFrog uses a brute-force attack on millions of addresses to gain access to servers. That’s where an attacker is submitting many passwords or passphrases with the hope of eventually guessing correctly.
“FritzFrog appears to be a one-of-its-kind malware.”
Guardicore Labs explains that FritzFrog uses a brute-force attack on millions of addresses to gain access to servers, and it has successfully breached over 500 SSH servers, including those of known high-education institutions in the U.S. and Europe, and a railway company. The cybersecurity firm further noted that FritzFrog appears to be a one-of-its-kind Monero malware and that it was a “complicated task” to track it as the connections were hidden within a peer-to-peer (P2P) network. A researcher from the cybersecurity firm commented that unlike other P2P botnets, FritzFrog combines a set of properties that makes it unique. FritzFrog is fileless, as it assembles and executes payloads in-memory.
Crypto scams surge amid the COVID-19 pandemic.
Cryptocurrency related crimes have increased amid the ongoing pandemic across countries. Several countries reported a noticeable increase in malware attacks and other types of crypto scams. Earlier, the Attorney General of state California, Xavier Becerra, issued a warning for investors and consumers highlighting the rise in cryptocurrency scams. Authorities across countries also reported a rise in crypto scams that included a spike in ransomware attacks, Ponzi schemes, and other different types of scams involving digital currencies.
There are several types of crypto scams that have become quite prevalent, including fake giveaways, sextortion, fake exchanges, fake ICO’s, bitcoin recovery, video scams, pyramid schemes, and the list on.