Crypto-mining malware nets hacker group $3.4 million worth of Monero coins

Israeli security firm Check Point uncovered a large-scale cryptocurrency mining operation which installed malware on servers running Jenkins, an automation software designed for web development. The mining operation has, to date, mined around $3.4 million worth of Monero using malware installed on internet-connected Jenkins servers.

Unlike other illicit cryptocurrency mining operations, this one targeted servers rather than personal computers, which is why it went undetected long enough to earn some serious cash — $3.4 million as of this reporting.

The mining operation, which Check Point tracked to China, exploited a known vulnerability in Jenkins servers which allowed them to essentially ask the automation software to download and install the crypto-mining software. Jenkins, the ever-faithful automation software happily obliged.

Though this mining operation didn’t target personal computers, Check Point speculates that its presence on these Jenkins servers could still have some negative effects for everyday people.

“The JenkinsMiner could negatively impact the servers, causing slower load times and even issuing a Denial of Service. Depending on the strength of the attack, this could prove to be very detrimental to the machines,” Check Point reports.

While this kind of vulnerability might not be of concern to most people, it should definitely raise some eyebrows for web developers. It’s not the first time Jenkins servers have been exploited, and according to Bleeping Computer, exposed Jenkins servers pose a serious security risk to the web at large.

Citing research from security expert Mikail Tunç, Bleeping Computer reports that the researcher detected 25,000 exposed and vulnerable Jenkins servers as of mid-January. These servers are vulnerable not only because of the known exploits which hackers can use to turn them to their own ends but because of their connection to the internet. Insulating a Jenkins server from the web would be a big step in the right direction and keep hackers from repurposing a benign automation tool into a crypto-mining powerhouse.

This cryptocurrency mining operation is just one of many similar operations, siphoning clock cycles to mine Monero or other cryptocurrencies. According to Bleeping Computer, illicit Monero mining is already seeing an enormous uptick in 2018, with no signs of slowing down.

Why Monero? Well, Monero is an open-source cryptocurrency designed to be untraceable, private, and highly secure. Its security features make it an excellent choice for privacy-minded individuals, and sadly, illicit operations like this malicious mining operation.

Computing

Is your PC safe? Foreshadow is the security flaw Intel should have predicted

Three new processor vulnerabilities have appeared under the 'Foreshadow' banner. They're similar in nature to Meltdown and Spectre, only they steal data from different memory spaces. Here's everything you need to know.
Mobile

Google is updating Android Go with Android 9 Pie Go Edition

Android Go is a lightweight version of Android that promises to improve the user experience on devices with low-end processors or 1GB of RAM or less. Here's everything you need to know about Android Go.
Computing

The Andromeda botnet still lingers as nations struggle to clean infected PCs

A report by Fortinet suggests that although the FBI and Europe ended the Andromeda botnet’s reign in late 2017, there are still infected PCs. Cleaning up these PCs isn’t progressing at the same pace across various regions.
Computing

The browser-based Monero miner Coinhive generates around $250,000 each month

Despite a fall in cryptocurrency mining, the Coinhive Monero miner is still highly active, generating around $250,000 each month. Coinhive also contributes 1.18 percent of the total mining power behind the Monero blockchain.
Computing

Reluctant to give your email address away? Here's how to make a disposable one

Want to sign up for something without the risk of flooding your inbox with copious amounts of spam and unwanted email? You might want to consider using disposable email addresses with one of these handy services.
Computing

Both the Razer Blade and XPS 15 are capable laptops, but which is better?

We pit the latest Dell XPS 15 against the latest Razer Blade 15 to see which machine meets the needs of most people. Both are a fast, attractive, and well-built, but they still appeal to different users.
Computing

Logitech’s distinctive new ergonomic mouse looks as good as it feels

Logitech's first true ergonomic mouse sports an interesting tilted design that encourages less muscle strain. We spent some time with the MX Vertical to see how comfortable it is and determine whether or not we'd prefer it to a standard…
Computing

Use one of these password managers to stay safe online

The internet can be a scary place, especially if you don't have a proper passcode manager. This guide will show you the best password managers you can get right now, including both premium and free options. Find the right password software…
Mobile

Airport’s low-tech solution to digital chaos involves the humble whiteboard

A U.K. airport has suffered a major computer error, caused by data connection problems, which has stopped flight boards from showing crucial passenger information. The solution is wonderfully low-tech.
Computing

Here’s how to watch Nvidia’s GeForce event at Gamescom

Today is August 20, and that means Nvidia may showcase its GeForce RTX 20 Series of add-in graphics cards for gamers. We’re sticking with that name rather than the previous GTX 11 Series brand due to today’s date.
Computing

HTC breaks down VR barriers by bringing Oculus Rift titles to Viveport

HTC's Viveport store and subscription service will be opened to Oculus Rift users in September this year, letting them buy titles directly and take advantage of the monthly game-delivery service.
Computing

Dell’s new fast-refresh Freesync display could be your next great gaming screen

Dell has debuted a pair of new gaming TN displays, each offering high refresh rates and fast response times to gamers alongside Freesync technology. There are 24- and 27-inch versions of the new screens available now.
Computing

Nvidia’s GeForce RTX 20 Series starts at $500 and features real-time ray tracing

Nvidia revealed its new GeForce RTX 2000 Series of add-in desktop graphics cards for gamers during its pre-show Gamescom press event. The new family is based on Nvidia’s new “Turing” architecture focusing on real-time ray tracing.
Computing

Nvidia GeForce RTX GPUs are coming to Alienware and Predator gaming desktops

Dell and Acer have both announced support for Nvidia's new GeForce RTX 2000 graphics cards in refreshed gaming desktops, including Predator Orion series systems and Alienware desktops.