Crypto M - Crypto News
Your #1 destination for the latest and most unbiased market news on Bitcoin, Ethereum, NFT, Fintech, Web3, DeFi, and Blockchain.
🚀 New Linux Malware Threatens Docker Infrastructure

According to Foresight News, a report by cybersecurity firm Kaspersky has revealed a new Linux malware campaign targeting insecure Docker infrastructure. The threat turns exposed servers into part of a decentralized cryptojacking network that mines the privacy coin Dero.

The attack exploits a publicly accessible Docker API on port 2375. Once access is gained, the malware creates malicious containers and infects running containers to steal system resources for mining Dero. It also scans for other targets without needing a central command server. Docker, from a software perspective, is a set of applications or platform tools and products that use operating system-level virtualization to deliver software in small packages known as containers.

The threat actors behind this operation have deployed two Golang-based implants: one named "nginx," which is deliberately disguised as legitimate web server software, and another called "cloud," which is the actual mining software for generating Dero. Once a host is compromised, the nginx module continuously scans the internet for more vulnerable Docker nodes, using tools like Masscan to identify targets and deploy new infected containers.

To evade detection, the malware encrypts configuration data, including wallet addresses and Dero node endpoints, and hides itself in paths typically used by legitimate system software. Kaspersky found that the wallet and node infrastructure is the same as that used in earlier cryptojacking activity targeting Kubernetes clusters in 2023 and 2024, indicating an evolution of a known operation rather than a completely new threat.


#Linux #Malware #Docker #Cryptojacking #Cybersecurity #Kaspersky #Dero #Golang #Virtualization #Containers #Kubernetes
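A defender-side check for the exposure described above, as an added example that is not part of the original post or of Kaspersky's report: it audits a Docker daemon.json and dockerd command line for TCP listeners that serve the API without TLS client verification. The function name and the sample configuration are constructed for illustration.

```python
import json
from urllib.parse import urlsplit

LOOPBACK = {"127.0.0.1", "localhost", "::1"}

# Constructed sample: a daemon.json that opens the API on every interface.
SAMPLE_DAEMON_JSON = '{"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]}'


def audit_docker_hosts(daemon_json, dockerd_args=()):
    """Return findings for TCP listeners that serve the Docker API without TLS client auth."""
    cfg = json.loads(daemon_json) if daemon_json.strip() else {}
    hosts = list(cfg.get("hosts", []))
    tlsverify = bool(cfg.get("tlsverify", False))
    # Merge listeners and the TLS switch given on the dockerd command line.
    args = list(dockerd_args)
    for i, arg in enumerate(args):
        if arg in ("-H", "--host") and i + 1 < len(args):
            hosts.append(args[i + 1])
        elif arg.startswith("--host="):
            hosts.append(arg.split("=", 1)[1])
        elif arg in ("--tlsverify", "--tlsverify=true"):
            tlsverify = True
    findings = []
    for host in hosts:
        url = urlsplit(host)
        # unix:// and fd:// sockets are not reachable from the network;
        # with tlsverify the daemon only accepts clients holding a trusted cert.
        if url.scheme != "tcp" or tlsverify:
            continue
        # A missing address is treated as all interfaces (conservative assumption).
        addr = url.hostname or "0.0.0.0"
        port = url.port or 2375
        if addr in LOOPBACK:
            findings.append(f"WARN: {addr}:{port} unauthenticated API, loopback only")
        else:
            findings.append(f"CRITICAL: {addr}:{port} unauthenticated API, network-reachable")
    return findings


if __name__ == "__main__":
    for finding in audit_docker_hosts(SAMPLE_DAEMON_JSON):
        print(finding)
```
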
🚀 Vitalik Buterin Discusses AI's Impact on Learning and Development

According to Odaily, Vitalik Buterin recently shared his experiences with artificial intelligence on the X platform. He noted that AI has been minimally helpful in areas where he is an expert. However, in fields where he is a novice, AI has proven to be quite beneficial. He cited recent examples such as developing native Android applications and understanding Linux's internal structures.

#VitalikButerin #AI #ArtificialIntelligence #Learning #Development #Android #Linux
🚀 ModStealer Malware Poses Threat to Crypto Wallets Across Platforms

According to PANews, security firm Mosyle has identified a cross-platform malware named ModStealer, which can bypass mainstream antivirus software by disguising itself as a background assistant program. This malware specifically targets browser-based crypto wallet data on Windows, Linux, and macOS systems. It spreads through fake job advertisements and primarily targets developers with Node.js environments installed.

ModStealer can execute automatically and collect wallet extensions, system credentials, and digital certificates, then upload the data to a remote command and control (C2) server. Security experts warn that this malware poses a direct threat to cryptocurrency users and platforms, potentially leading to the exposure of private keys, mnemonic phrases, and API keys, which could result in large-scale on-chain attacks.


#ModStealer #Malware #CryptoWallets #CrossPlatform #Windows #Linux #macOS #WalletExtensions #WalletData #Credentials #DigitalCertificates #C2Server #PrivateKeys #MnemonicPhrases #APIKeys #OnChainAttacks #JobAdvertisements #Developers #NodeJS #SecurityThreat
🚀 Tether Data Launches AI Research Tools for STEM Model Training

According to Foresight News, Tether Data's AI research division, QVAC, has unveiled a synthetic dataset named QVAC Genesis I, designed for training AI models with a focus on STEM fields. Additionally, Tether Data introduced its first consumer application, QVAC Workbench, which serves as a comprehensive workspace showcasing the potential of AI on local devices. The target audience for QVAC Workbench includes AI enthusiasts, advanced users, and researchers. The application supports various large language models (LLMs) and other AI models, such as Llama, Medgemma, Qwen, SmolVLM, and Whisper. It is compatible with smartphones (currently available on Android, with iOS support expected in a few days) and desktop platforms (Windows, macOS, and Linux), offering the most extensive device support compared to existing products.

#TetherData #AIresearch #QVAC #syntheticdataset #AImodels #STEM #QVACGenesisI #QVACWorkbench #AIenthusiasts #researchers #LLMs #Llama #Medgemma #Qwen #SmolVLM #Whisper #Android #iOS #Windows #macOS #Linux
🚀 Vitalik Buterin Compares Ethereum to BitTorrent and Linux

According to ChainCatcher, Vitalik Buterin recently stated on the X platform that Ethereum can be likened to BitTorrent and Linux. He explained that BitTorrent represents the coexistence of decentralization and scale, while Linux exemplifies open-source, public trust, and widespread application. Buterin emphasized that Ethereum Layer 1 should serve as the financial, identity, and governance foundation for individuals and organizations seeking autonomy, enabling them to unlock the network's full potential without relying on intermediaries. He also noted that the demand from enterprises for open, censorship-resistant systems aligns closely with the principle of 'trust minimization.'

#VitalikButerin #Ethereum #BitTorrent #Linux #Decentralization #OpenSource #CensorshipResistance #TrustMinimization #Blockchain #Layer1 #FinancialAutonomy #IdentityGovernance #Enterprises #PublicTrust #ETH
🚀 Axios Library Compromised by Malicious Attack

An attacker has compromised the npm access token of the lead maintainer of Axios, a popular JavaScript HTTP client library, and used it to release two malicious versions containing cross-platform remote access trojans (RATs). According to ChainCatcher, these versions, axios@1.14.1 and axios@0.3.4, targeted macOS, Windows, and Linux systems. The malicious packages were removed from the npm registry approximately three hours after their release.

Data from security company Wiz indicates that Axios is downloaded over 100 million times weekly and is present in about 80% of cloud and code environments. Security firm Huntress detected the first infections just 89 seconds after the malicious packages went live and confirmed that at least 135 systems were compromised during the exposure period. Notably, the Axios project had implemented modern security measures such as the OIDC trusted publishing mechanism and SLSA provenance proofs. However, the attacker bypassed these defenses entirely.

The investigation revealed that while configuring OIDC, the project retained the traditional long-lived NPM_TOKEN. When both tokens coexist, npm defaults to using the traditional token, allowing the attacker to publish without breaching OIDC.


#Axios #JavaScript #npm #CyberSecurity #Malware #RAT #SupplyChainAttack #macOS #Windows #Linux #SoftwareSecurity #OIDC #SLSA #Huntress #ChainCatcher #npmToken
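One way to catch the coexisting-credentials condition described above before a release, as an added example that is not from the Axios project or the cited reports: a scan of a CI workflow that publishes to npm. It assumes a GitHub Actions workflow; the sample file, function name and verdict strings are constructed for illustration.

```python
import re

OIDC_RE = re.compile(r"^\s*id-token:\s*write\b")            # OIDC permission grant
TOKEN_RE = re.compile(r"\b(NPM_TOKEN|NODE_AUTH_TOKEN)\b")   # long-lived token wiring
PUBLISH_RE = re.compile(r"\bnpm\s+publish\b")

# Constructed sample: OIDC is enabled, but the old secret is still passed to npm.
SAMPLE_WORKFLOW = """\
name: release
on: { push: { tags: ['v*'] } }
permissions:
  id-token: write
  contents: read
jobs:
  publish:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - run: npm publish --provenance
        env:
          NODE_AUTH_TOKEN: ${{ secrets.NPM_TOKEN }}
"""


def audit_publish_workflow(text):
    """Return (verdict, line numbers that reference a long-lived npm token)."""
    oidc = publishes = False
    token_lines = []
    for number, raw in enumerate(text.splitlines(), 1):
        line = raw.split("#", 1)[0]  # naive YAML comment stripping
        oidc = oidc or bool(OIDC_RE.search(line))
        publishes = publishes or bool(PUBLISH_RE.search(line))
        if TOKEN_RE.search(line):
            token_lines.append(number)
    if not publishes:
        return ("no-publish", [])
    if oidc and token_lines:
        # The condition the post describes: the token is used, OIDC is bypassed.
        return ("oidc-shadowed-by-token", token_lines)
    if token_lines:
        return ("long-lived-token-only", token_lines)
    return ("oidc-only", []) if oidc else ("no-credentials-found", [])


if __name__ == "__main__":
    print(audit_publish_workflow(SAMPLE_WORKFLOW))
```

A clean workflow result still leaves the token itself to deal with: the secret has to be deleted from the repository settings and revoked on the npm account, since a scan of workflow files cannot see either.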