all InfoSec news
Distribution of Zephyr CoinMiner Using Autoit
Malware Analysis, News and Indicators - Latest topics malware.news
AhnLab SEcurity intelligence Center (ASEC) recently discovered that a CoinMiner targeting Zephyr is being distributed. The file is created with Autoit, and it is being spread in the form of a compressed file that contains the CoinMiner.
The compressed file is being distributed as “WINDOWS_PY_M3U_EXPLOIT_2024.7z,” and upon decompressing the file, several scripts and executables are created. Among them, “ComboIptvExploit.exe” is a Nullsoft Scriptable Install System (NSIS) installer, and two Javascript files exist within it.
Figure 1. WINDOWS_PY_M3U_EXPLOIT_2024.7z, decompressed
When the …
ahnlab asec autoit center coinminer distributed distribution file intelligence malware analysis scripts security security intelligence targeting zephyr