Tag: Asia

New Crypto-Mining Attacks Leverage NSA-Linked EternalBlue Exploit

A new version of the NRSMiner is actively spreading in the southern region of Asia. The majority of detections (54%) have been found in Vietnam, followed by Iran (16%) and Malaysia (12%). The new version either updates existing NRSMiner infections, or spreads to new systems using the EternalBlue exploit.

EternalBlue is one of the NSA exploits stolen by the Shadow Brokers and leaked to the public. It was patched by Microsoft in March 2017, leaked by Shadow Brokers in April 2017, and used by WannaCry in May 2017. That EternalBlue is still being used to spread malware nearly two years after it was patched by Microsoft points to a massive failure in patching.

Read more about the new NRSMiner attacks on SecurityWeek.

Octopus Trojan exploits Telegram ban fears to snag diplomatic targets across Asia

Researchers have uncovered the Octopus Trojan in a wave of cyberattacks being launched against diplomatic entities across central Asia. According to cybersecurity firm Kaspersky Lab, the targeted campaign has used the recent ban of Telegram messenger across Russia and reported attempts to ban the service across some former Soviet areas such as Kazakhstan to dupe victims into believing they are downloading an accessible, legitimate version of the true communications service.

The malicious payload looks like the Telegram messenger app but instead provides a remote access conduit for attackers to hijack victim PCs.

Read more about the wave of cyberattacks across central Asia on ZDNet.