Skip to main content

Posts

Showing posts with the label Stealthy Backdoor

A compromised cryptocurrency software spotted installing AZORult malware

Attackers compromised the Github account of Denarius Cryptocurrency project lead and uploaded a backdoored version of Denarius Windows client v3.3.6. The backdoored version of Denarius Windows client installer also installed AZORult malware. Attackers have compromised the Github account of Denarius Cryptocurrency project lead and uploaded a backdoor version of Denarius Windows client v3.3.6. A security researcher named ‘Misterch0c’ spotted this backdoored Denarius client and notified ZDNet. ZDNet worked closely with Yonathan Klijnsma, a threat researcher at RiskIQ and confirmed Misterch0c’s findings. Denarius cryptocurrency project lead Carsen Klock disclosed that he reused an older password, which resulted in the compromise of his Github account. AZORult malware Researchers  Misterch0c  and Klijnsma analyzed the backdoored Denarius Windows client installer and confirmed that the Denarius client installer installed AZORult malware. “The .bat file is started, which it