StaryDobry campaign targets gamers with XMRig miner
NetmanageIT OpenCTI - opencti.netmanageit.com

SUMMARY :
A cybercriminal campaign launched on December 31 exploited reduced vigilance during the holiday season by distributing trojanized versions of popular games via torrent sites. The attack, which lasted a month, affected users worldwide by spreading the XMRig cryptominer. The sophisticated infection chain employed various defense evasion techniques. Malicious installers were created using Inno Setup and contained encrypted malware components. Multiple stages of the attack chain involved anti-debugging checks, IP geolocation, system fingerprinting, and resource spoofing. The final payload was an XMRig miner configured to connect to the attacker's mining pool. The campaign primarily targeted regular users, with some organizational infections likely due to compromised computers within corporate networks.
OPENCTI LABELS :
multi-stage, cryptomining, xmrig, gaming, defense evasion, torrents, resource spoofing