🚀 Hackers Use Auto-Reply Emails To Deliver Crypto Mining Malware
#Hackers #CryptoMining #Malware #EmailSecurity #Cybersecurity #XMRig #Monero #ThreatIntelligence #Phishing #MaliciousEmails
According to Cointelegraph, cybersecurity researchers have uncovered a new method employed by hackers to deliver malware for covert cryptocurrency mining, utilizing automated email replies. Researchers from the threat intelligence firm Facct reported that hackers exploited auto-reply emails from compromised accounts to target Russian companies, marketplaces, and financial institutions. The attackers aimed to install the XMRig miner on their victims’ devices to mine digital assets.
Facct identified 150 emails containing XMRig since the end of May. However, the cybersecurity firm also noted that their business email protection system successfully blocked malicious emails sent to their clients. Facct senior analyst Dmitry Eremenko highlighted the danger of this delivery method, explaining that potential victims initiate the communications. Unlike mass-delivered messages, which can be ignored, auto-replies come from contacts the victims expect to hear from, making the malware distribution less suspicious.
The cybersecurity firm urged companies to conduct regular training to increase employees’ knowledge of cybersecurity and current threats. They also recommended using strong passwords and multifactor authentication mechanisms. Ethical hacker Marwan Hachem suggested using different communication devices to isolate unwanted software and prevent hackers from accessing the main device.
XMRig is a legitimate open-source application that mines the Monero (XMR) cryptocurrency token. However, hackers have integrated the software into their attacks, using various tactics to install the app into different systems since 2020. In June 2020, a malware called “Lucifer” targeted old vulnerabilities in Windows systems to install the XMRig mining application. In August 2020, a malware botnet called “FritzFrog” was deployed to millions of IP addresses, targeting government offices, educational institutions, banks, and companies to install the XMRig app.
🚀 Kinto Warns Users About Phishing Emails
#Kinto #Phishing #EmailSecurity #CyberSecurity #UserWarning #StayVigilant
According to PANews, Kinto, a Layer 2 network, has issued a warning to its users regarding phishing emails that have been circulating recently. These emails are designed to appear as if they are from Kinto, but the company has confirmed that they did not send them. Users are advised not to click on any links contained within these emails.
Kinto has assured its users that there has been no breach of their email database. Interestingly, some recipients of these phishing emails do not even have accounts associated with Kinto, further indicating that the emails are not a result of a data leak from the company. Users are urged to remain vigilant and report any suspicious communications to Kinto to help prevent potential security breaches.
🚀 ENS Developer Targeted in Phishing Attack Exploiting Google Infrastructure
#ENS #phishingattack #Google #cybersecurity #SlowMist #passkeys #emailsecurity #infosec #vulnerability
According to BlockBeats, SlowMist founder Yu Jian revealed on social media that the ENS chief developer was recently targeted in a phishing attack exploiting a vulnerability within Google's infrastructure. The phishing group deceived users by sending emails disguised as official Google communications, tricking them into believing they were under law enforcement scrutiny. Despite Google's efforts to counteract these attacks, the group launched a new wave of phishing attempts, continuing to lure users to subdomains under "google.com" to extract account passwords and immediately add Passkeys.
Previously, on April 16, ENS chief developer nick.eth reported a highly sophisticated phishing attack that leveraged a flaw in Google's infrastructure, which Google has refused to fix. He noted that the phishing emails appeared very authentic, passing DKIM signature verification and being displayed normally in Gmail, alongside other legitimate security warnings. The attackers exploited Google's "Sites" service to create a convincing "support portal" page, leading users to mistakenly trust the domain containing "google.com" as secure. Users are advised to remain vigilant.
🚀 Solana Co-Founder Warns of Ongoing Cybersecurity Threats
#Solana #Cybersecurity #RajGokal #Hacking #SecurityThreats #EmailSecurity #AccountSafety #SOL
According to Odaily, Solana co-founder Raj Gokal recently shared on the X platform that attackers have been persistently attempting to gain control of his email, social media, Google, and Apple accounts over the past week. He cautioned users to be vigilant and advised that any unusual activity, such as unauthorized token issuance or fundraising, could indicate a hacking incident. Gokal urged users to remain alert to potential cybersecurity threats.
🚀 Global Email Security Threats Rise, Cloudflare Reports
#GlobalEmailSecurity #CloudflareReport #MaliciousEmails #PhishingAttacks #CryptoSecurity #CyberThreats #EmailSecurity #DataBreach #CredentialTheft #DeceptiveLinks #IdentityDeception #SpoofedDomains #Cyberattacks #Malware #Spam #EmailCybersecurity #TLDAbuse #BitcoinScams #HornetSecurity #CyberattackVectors #BTC
According to Cointelegraph, internet infrastructure company Cloudflare has reported that over 5% of all emails sent globally contain malicious content. The firm analyzed global email traffic over the past year and found that 5.6% of it was malicious, equating to more than one in every twenty emails containing harmful content. Notably, in November, this figure surged to nearly one in ten emails, almost doubling the annual average.
Cloudflare's 2025 year-in-review report highlights the dangers of malicious emails, which can lead to credential theft, data breaches, or financial loss. This is particularly concerning for crypto investors, as phishing attacks targeting traders, investors, and executives have become more sophisticated and frequent. Once a victim falls for a phishing link or sends cryptocurrency to a scammer, recovery is often impossible. In November, malicious emails reached 9.7%, with deceptive links being the most prevalent threat category, accounting for 52% of these emails.
Identity deception was the second most common threat, rising to 38% from 35% in 2024. Attackers often impersonate trusted individuals using spoofed domains, similar-looking domains, or display name tricks. Cloudflare identified the most abused top-level domain (TLD) extension as ".christmas," with 92.7% of emails from this TLD being malicious and 7.1% being spam. Other frequently abused TLDs include ".lol," ".forum," ".help," ".best," and ".click."
Earlier this year, cybersecurity firm Barracuda analyzed 670 million emails, finding that email remains the most common attack vector for cyber threats. Malicious attachments and links are often used to distribute malware, launch phishing campaigns, and exploit vulnerabilities. They reported that one in four emails were unwanted spam, a quarter of all HTML attachments were malicious, and 12% of malicious PDF attachments were Bitcoin scams. In November, Hornet Security noted that email was a "consistent delivery vector" for cyberattacks in 2025, with malware-laden emails increasing by 131% year-over-year.