Rare Werewolf Hackers Target Russian Devices for Crypto Theft
The post Rare Werewolf Hackers Target Russian Devices for Crypto Theft appeared on BitcoinEthereumNews.com. Rare Werewolf hackers target Russian devices for cryptojacking and data theft. Malicious phishing emails pose as authentic documents. The crypto mining day begins at one in the morning and finishes at five. Hundreds of Russian devices have been compromised by the well-organized hacker group Rare Werewolf, which aims to mine cryptocurrency and steal private information. The group has operated since at least 2019 and employs advanced phishing methods to infiltrate systems, often targeting industrial enterprises and engineering institutions in Russia, Belarus, and Kazakhstan. Cybersecurity experts have found that they are sneaky and misuse legitimate software to achieve malicious purposes. Phishing Emails Fuel Rare Werewolf Attacks The Rare Werewolf campaign begins with the phishing emails that are composed in the Russian language and camouflaged as the official messages of trusted organizations. These emails contain password-protected archives, whose executable files are disguised as business documents, such as payment orders. The files, when opened, run malware that provides the hackers with remote access to the systems of the victims. The malware obtains unlawful control, most often with the assistance of such software as AnyDesk, which makes it possible to bypass the protection. The machines will be programmed to switch on at 1 a.m. and switch off at 5 a.m. so that operations will be secretive. Such a wake-and-sleep cycle minimizes the chances of being detected because the systems do not indicate any irregularity during working hours. Cryptojacking and Data Theft Tactics Once the access is achieved, Rare Werewolf hackers deploy XMRig software to mine cryptocurrency, utilizing the RAM, CPU cores, and GPUs of the device to their fullest. Concurrently, they steal log-ins and privileged operational information, mostly in industrial and academic instances. The group has the ability to evade detection, which is facilitated by the fact that they employ genuine third-party tools, such…
The post Rare Werewolf Hackers Target Russian Devices for Crypto Theft appeared on BitcoinEthereumNews.com.
Rare Werewolf hackers target Russian devices for cryptojacking and data theft. Malicious phishing emails pose as authentic documents. The crypto mining day begins at one in the morning and finishes at five. Hundreds of Russian devices have been compromised by the well-organized hacker group Rare Werewolf, which aims to mine cryptocurrency and steal private information. The group has operated since at least 2019 and employs advanced phishing methods to infiltrate systems, often targeting industrial enterprises and engineering institutions in Russia, Belarus, and Kazakhstan. Cybersecurity experts have found that they are sneaky and misuse legitimate software to achieve malicious purposes. Phishing Emails Fuel Rare Werewolf Attacks The Rare Werewolf campaign begins with the phishing emails that are composed in the Russian language and camouflaged as the official messages of trusted organizations. These emails contain password-protected archives, whose executable files are disguised as business documents, such as payment orders. The files, when opened, run malware that provides the hackers with remote access to the systems of the victims. The malware obtains unlawful control, most often with the assistance of such software as AnyDesk, which makes it possible to bypass the protection. The machines will be programmed to switch on at 1 a.m. and switch off at 5 a.m. so that operations will be secretive. Such a wake-and-sleep cycle minimizes the chances of being detected because the systems do not indicate any irregularity during working hours. Cryptojacking and Data Theft Tactics Once the access is achieved, Rare Werewolf hackers deploy XMRig software to mine cryptocurrency, utilizing the RAM, CPU cores, and GPUs of the device to their fullest. Concurrently, they steal log-ins and privileged operational information, mostly in industrial and academic instances. The group has the ability to evade detection, which is facilitated by the fact that they employ genuine third-party tools, such…
What's Your Reaction?
