Hackers use auto-reply emails to deliver crypto mining malware
Facct advises organisations to enhance cybersecurity measures, including regular training and multifactor authentication.
Cybersecurity experts have uncovered a novel tactic used by hackers to deliver malware for covert crypto mining. Hackers are now exploiting automated email replies from compromised accounts to infect businesses in Russia, including financial institutions, with the XMRig mining tool. Since May, over 150 emails containing this malicious software have been detected, but most were blocked by Facct, a leading threat intelligence firm.
This technique is particularly dangerous as it involves victims initiating contact, and expecting a reply from their initial email. Due to this established communication, many are unsuspecting of the malware attached. Facct urges organisations to stay vigilant by conducting regular cybersecurity training and adopting strong passwords with multifactor authentication.
The XMRig software, often used in crypto mining attacks, has been part of several widespread malware campaigns since 2020, highlighting the persistent threat of cybercriminals using innovative methods to target vulnerable systems.
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.
