IBM Security X-Force Threat Researchers have discovered a new variant of the RansomExx ransomware that has been rewritten in the Rust programming language, joining a growing trend of ransomware developers switching to the language.
The Dovecat Monero-mining malware doesn't steal data, but it consumes large amounts of CPU and memory. This is the latest threat faced by QNAP customers - after research published in July 2020 identified that tens of thousands of NAS drives are potentially vulnerable to malware that prevents administrators from applying patches.
The recently discovered DreamBus botnet uses exploits and brute-force attacks to target PostgreSQL, Redis, SaltStack, Hadoop, Spark, and others enterprise-level apps that run on Linux systems. "The idea is to give the DreamBus gang a foothold on a Linux server where they could later download and install an open-source app that mines the Monero (XMR) cryptocurrency to generate profits for the attackers."
Researchers are tracking a new botnet dubbed "FreakOut" that's targeting vulnerabilities in Linux systems. Botnet operators have been mass-scanning for vulnerable Linux devices, and the command-and-control server associated with FreakOut has now targeted several hundred vulnerable devices.