Intezer Labs, a New York-based malware analysis and detection firm, found that hackers using the infamous "Doki" backdoor have been using Dogecoin wallets to mask their online presence.
A hacker - who goes by Ngrok - had uncovered a method to use Dogecoin wallets for infiltrating web servers, the firm noted.
Intezer Labs found that Doki was using a previously undocumented method to contact its operator: it abused the Dogecoin blockchain in a unique way in order to dynamically generate its command-and-control (C&C) domain addresses.
Using Dogecoin transactions allowed the attackers to alter these C&C addresses on any affected computers, or servers, that ran Ngrok's Monero mining bots.
"While some malware strains connect to raw IP addresses or hardcoded URLs included in their source code, Doki used a dynamic algorithm to determine the control and command address using the Dogecoin API."
The firm added these steps meant security firms needed to access the hacker's Dogecoin wallet to take down Doki, which was "Impossible" without knowing the wallet's private keys.
They used the Doki service to determine and change the URL of the control and command server it needed to connect to for new instructions.
When the above was fully executed, the Ngrok gang could change Doki's command servers by making a single transaction from within a Dogecoin wallet they controlled.
Dogecoin and Doki only served as an access bridge, as ZDNet.
Intezer said Doki has been active since this January but remained undetected by all 60 "VirusTotal" scanning software used on Linux servers.
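What this means for monitoring, as an added example that is not code from Intezer or from the article: because the C&C address is derived from a Dogecoin API lookup, the sketch below flags servers whose egress log shows a blockchain-explorer request followed shortly by a connection to a domain that host has never contacted before. The hostnames, the log format and the five-minute window are assumptions, and the sample log is constructed.

```python
from datetime import datetime, timedelta

# Assumption: explorer API hostnames your servers have no business reason to query.
# Placeholder value, not an indicator taken from the article.
EXPLORER_HOSTS = {"doge-explorer.example"}
WINDOW = timedelta(minutes=5)  # assumed correlation window

# Constructed egress log: ISO timestamp, source host, destination hostname.
SAMPLE_LOG = """\
2020-07-30T10:00:01 web-01 updates.distro.example
2020-07-30T10:00:05 docker-07 doge-explorer.example
2020-07-30T10:00:09 docker-07 a1b2c3d4e5f6.dyn.example
2020-07-30T10:02:00 web-01 updates.distro.example
2020-07-30T11:30:00 docker-07 updates.distro.example
2020-07-30T12:00:00 build-02 doge-explorer.example
"""

def parse(log):
    """Yield (timestamp, source, destination) for each non-empty log line."""
    for line in log.splitlines():
        if line.strip():
            ts, src, dst = line.split()
            yield datetime.fromisoformat(ts), src, dst.lower()

def explorer_then_new_domain(log, explorers=EXPLORER_HOSTS, window=WINDOW):
    """Alert when a host queries an explorer API and then, within the window,
    connects to a destination it has not contacted earlier in the log."""
    seen = {}         # source -> destinations already observed (baseline)
    last_lookup = {}  # source -> (time, explorer host) of latest API query
    alerts = []
    for ts, src, dst in sorted(parse(log)):
        known = seen.setdefault(src, set())
        if dst in explorers:
            last_lookup[src] = (ts, dst)
        elif dst not in known and src in last_lookup:
            t0, explorer = last_lookup[src]
            if ts - t0 <= window:
                alerts.append((src, explorer, dst))
        known.add(dst)
    return alerts

def hosts_querying_explorers(log, explorers=EXPLORER_HOSTS):
    """Lower-confidence signal: every host that queried an explorer API at all."""
    return sorted({src for _, src, dst in parse(log) if dst in explorers})

if __name__ == "__main__":
    print(explorer_then_new_domain(SAMPLE_LOG))
    print(hosts_querying_explorers(SAMPLE_LOG))
```

On the constructed log only `docker-07` produces a correlated alert, while `build-02` appears in the broader review list because it queried the explorer without a follow-up connection.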
Dogecoin is now being used by crypto hackers after TikTok boom
published on Aug 1, 2020
by Cryptoslate | published on Coinage