all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

New LABRAT Campaign Exploits GitLab Flaw for Cryptojacking and Proxyjacking Activities

Add to bookmarks
Aug. 17, 2023, 2:26 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

A new, financially motivated operation dubbed LABRAT has been observed weaponizing a now-patched critical flaw in GitLab as part of a cryptojacking and proxyjacking campaign.
"The attacker utilized undetected signature-based tools, sophisticated and stealthy cross-platform malware, command-and-control (C2) tools which bypassed firewalls, and kernel-based rootkits to hide their presence," Sysdig

campaign command control critical critical flaw cross-platform malware cryptojacking exploits firewalls flaw gitlab hide kernel malware platform presence proxyjacking rootkits signature tools undetected

Visit resource

More from thehackernews.com / The Hacker News

Bitcoin Forensic Analysis Uncovers Money Laundering Clusters and Criminal Proceeds 10 hours ago | thehackernews.com
analysis bitcoin blockchain clusters +19
Android Malware Wpeeper Uses Compromised WordPress Sites to Hide C2 Servers 11 hours ago | thehackernews.com
android android devices android malware binary +21
Everyone's an Expert: How to Empower Your Employees for Cybersecurity Success 14 hours ago | thehackernews.com
course cybersecurity decision employees +8
ZLoader Malware Evolves with Anti-Analysis Trick from Zeus Banking Trojan 14 hours ago | thehackernews.com
analysis anti-analysis authors banking +14
Ex-NSA Employee Sentenced to 22 Years for Trying to Sell U.S. Secrets to Russia 18 hours ago | thehackernews.com
agency classified defense documents +17
Millions of Malicious 'Imageless' Containers Planted on Docker Hub Over 5 Years 1 day, 11 hours ago | thehackernews.com
attacks campaigns containers cybersecurity +10
U.S. Government Releases New AI Security Guidelines for Critical Infrastructure 1 day, 14 hours ago | thehackernews.com
address ai risks ai security artificial +16
Considerations for Operational Technology Cybersecurity 1 day, 14 hours ago | thehackernews.com
change control cybersecurity devices +18
New U.K. Law Bans Default Passwords on Smart Devices Starting April 2024 1 day, 19 hours ago | thehackernews.com
act and telecommunications april bans +23

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Security Engineer II- Full stack Java with React

@ JPMorgan Chase & Co. | Hyderabad, Telangana, India
View on infosec-jobs.com

Cybersecurity SecOps

@ GFT Technologies | Mexico City, MX, 11850
View on infosec-jobs.com

Senior Information Security Advisor

@ Sun Life | Sun Life Toronto One York
View on infosec-jobs.com

Contract Special Security Officer (CSSO) - Top Secret Clearance

@ SpaceX | Hawthorne, CA
View on infosec-jobs.com

Early Career Cyber Security Operations Center (SOC) Analyst

@ State Street | Quincy, Massachusetts
View on infosec-jobs.com
View more jobs