Carding Forum
List Home Register Members Calendar Faq

card fraud , cardingmafia , carding board , darknet forum , carding best buy , carding sites , dump+pin , carding bitcoin , darknet markets , carding bins , credit card fraud , darkweb , free stuff , fraud , alphabay , carding mafia , atm fraud , carders forum , cardmafia , cvv shop , atm skimmers , carding tutorial , carding amazon , emv chip dumps , carding airbnb , carder cc , dumps shop , carding cashout , cvv shop , cvv store , cc carding free , carderpro , credit cards cvv , carding deep web , carder forum , credit cards cvv2 , black market , dumps , carding gift cards , dumps with pin , carder007 , carding bank transfer , cvv2 , rescator , buy dumps , carderspro , buy credit cards , carder su , black markets , carder amazon , dumps with pin for sale , carding dumps , fresh stuff , dumps 101 , cc carding sites , dumps 201 , dumps+pin , carding forum 2018 , free dumps , free cc cvv , buy dumps with pin


Go Back   Csu.Lu - Underground Black Market Carding Forum > English-speaking carders > Carding News
Members List Search Today's Posts Mark Forums Read

Carding News News about carding and carders.

Reply
 
Thread Tools
Old 09-01-2018, 05:07 PM   #1
DarkNet
Super Moderator
 
Join Date: Oct 2009
Posts: 437
Reputation: 134
Default NSA Exploits Used to Create Monero Mining Malware

The threat research team at F5 Networks discovered a new Monero mining campaign that leverages two NSA-attributed exploits: EternalBlue and EternalSynergy. The campaign, dubbed Zealot by F5 researchers, targets servers exploitable by the Apache Struts Jakarta Multipart Parser attack (CVE-2017-5638) and the DotNetNuke (DNN) content management system vulnerability (CVE-2017-9822). Once Zealot exploits a server, it executes a shell in the background and downloads a Monero miner and other dependencies.

Zealot then propagates the internal network by scanning for port 445. It checks if other machines are 32-bit or 64-bit. And then it injects shellcodes to exploit exploit EternalBlue and EternalSynergy. Zealot is capable of much more than simply Monero mining, but so far Monero mining has proven fairly lucrative; the specific address analyzed by the F5 researchers contained more than $8,500 in it. And due to the nature of Monero, the researchers are unable to know the total amount of Monero mined by the actor(s) behind Zeolot.
DarkNet is offline   Reply With Quote
Reply

Bookmarks

Tags
mining , monero , nsa exploits


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -5. The time now is 09:38 PM.