Carding Carders Carding Card Fraud Carding cc

Go Back   Csu.Lu - Carding Forum (card fraud, carding board, darknet forum, darknet markets, credit card fraud, darkweb, fraud, alphabay, atm fraud, cvv shop, atm skimmers, emv chip dumps, dumps shop, credit cards cvv, credit cards cvv2, dumps, dumps with pin, cvv2, buy dumps, buy credit cards, dumps with pin for sale, fresh stuff, dumps 101, dumps 201, dumps+pin, buy dumps with pin) > English-speaking carders > Carding News
Members List Search Today's Posts Mark Forums Read

Carding News News about carding and carders.

Thread Tools
Old 09-01-2018, 05:07 PM   #1
Super Moderator
Join Date: Oct 2009
Posts: 390
Reputation: 134
Default NSA Exploits Used to Create Monero Mining Malware

The threat research team at F5 Networks discovered a new Monero mining campaign that leverages two NSA-attributed exploits: EternalBlue and EternalSynergy. The campaign, dubbed Zealot by F5 researchers, targets servers exploitable by the Apache Struts Jakarta Multipart Parser attack (CVE-2017-5638) and the DotNetNuke (DNN) content management system vulnerability (CVE-2017-9822). Once Zealot exploits a server, it executes a shell in the background and downloads a Monero miner and other dependencies.

Zealot then propagates the internal network by scanning for port 445. It checks if other machines are 32-bit or 64-bit. And then it injects shellcodes to exploit exploit EternalBlue and EternalSynergy. Zealot is capable of much more than simply Monero mining, but so far Monero mining has proven fairly lucrative; the specific address analyzed by the F5 researchers contained more than $8,500 in it. And due to the nature of Monero, the researchers are unable to know the total amount of Monero mined by the actor(s) behind Zeolot.
DarkNet is offline   Reply With Quote


mining, monero, nsa exploits

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

All times are GMT -5. The time now is 06:38 AM.