CoinMiner Distribution Process within Infiltrated Systems (Detected by EDR)
Malware Analysis, News and Indicators - Latest topics malware.news
AhnLab Security Emergency Response Center (ASEC) has identified the process through which threat actors install CoinMiners, which use a compromised system's resources for cryptocurrency mining. This post covers how the AhnLab EDR product detects that installation process.
Figure 1. Execution of command from threat actor
Figure 1 shows that the threat actor consistently used the same command on the infiltrated system. It shows that a PowerShell script was detected being executed …