Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Evolving Threat with Cryptojacking

May 15, 2023
Reading Time: 2 mins read
in Alerts
Evolving Threat with Cryptojacking

 

FortiGuard Labs researchers have uncovered new samples of the RapperBot botnet, which now includes support for cryptojacking activities. Initially detected in August, RapperBot borrows code from the Mirai botnet but distinguishes itself by employing brute force to target SSH servers instead of Telnet.

The latest campaign showcases the botnet’s evolution, incorporating persistence techniques and exploiting weak credentials to gain remote access.

The recent findings from FortiGuard Labs shed light on the ongoing development of the RapperBot botnet. Since its initial discovery in mid-June 2022, the botnet has undergone significant updates, with the most recent samples exhibiting cryptojacking capabilities.

While the malware initially utilized separate Monero miners, it has since integrated mining capabilities into the bot itself.

RapperBot’s ability to maintain persistence and adapt its attack methods is cause for concern. By employing SSH public key authentication with the comment “helloworld,” the bot can authenticate the SSH server without requiring a password.

The botnet’s continual updates and evasion techniques make it a potent threat. To mitigate its impact, FortiGuard Labs recommends enabling public key authentication and setting strong passwords for all internet-connected devices.

The researchers also highlighted two distinct clusters of ARM samples within the botnet, each with its own functionalities and capabilities. Additionally, the revised binary network protocol used by RapperBot helps evade detection, utilizing a two-layer approach for encoding and decoding information exchanged with the command-and-control (C2) server.

By continuously updating and refining its tactics, RapperBot poses an ongoing threat, emphasizing the importance of implementing robust security measures.

Reference:
  • RapperBot DDoS Botnet Expands into Cryptojacking
Tags: BotnetCryptojackingCyber AlertCyber Alerts 2023FortiGuard LabsMay 2023MiraiRapperBotSSH servers
ADVERTISEMENT

Related Posts

Phishing Targets Belgian Grand Prix Fans

Gaming Mouse Software Spreads Xred Malware

July 29, 2025
Phishing Targets Belgian Grand Prix Fans

Phishing Targets Belgian Grand Prix Fans

July 29, 2025
Phishing Targets Belgian Grand Prix Fans

macOS Flaw Bypasses TCC, Exposes Data

July 29, 2025
Scattered Spider Hits ESXi Servers

Scattered Spider Hits ESXi Servers

July 28, 2025
Scattered Spider Hits ESXi Servers

Malware Hides in Fake Dating Apps

July 28, 2025
Scattered Spider Hits ESXi Servers

Post SMTP Bug Exposes 200K Sites

July 28, 2025

Latest Alerts

Phishing Targets Belgian Grand Prix Fans

Gaming Mouse Software Spreads Xred Malware

macOS Flaw Bypasses TCC, Exposes Data

Post SMTP Bug Exposes 200K Sites

Malware Hides in Fake Dating Apps

Scattered Spider Hits ESXi Servers

Subscribe to our newsletter

    Latest Incidents

    Cathay Apologizes Over Asia Miles Breach

    Pro‑Ukraine Hackers Hit Aeroflot Servers

    GitHub Outage Disrupts Global Core Services

    Cyberattack Hits French Naval Group

    Tea App Leak Exposes 13K Women Users

    Allianz Life Data Breach Hits Majority

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial