Diaries by Keyword - SANS Internet Storm Center

Participate: Learn more about our honeypot network
https://isc.sans.edu/tools/honeypot/

Handler on Duty: Didier Stevens

Threat Level: green

Date	Author	Title
COIN MINER
2018-11-30	Remco Verhoef	CoinMiners searching for hosts
2017-11-13	Guy Bruneau	VBE Embeded Script (info.zip)
2016-11-13	Guy Bruneau	Bitcoin Miner File Upload via FTP
COIN
2023-01-15/a>	Johannes Ullrich	Elon Musk Themed Crypto Scams Flooding YouTube Today
2022-08-26/a>	Xavier Mertens	Paypal Phishing/Coinbase in One Image
2022-05-18/a>	Jan Kopriva	Do you want 30 BTC? Nothing is easier (or cheaper) in this phishing campaign...
2022-03-07/a>	Johannes Ullrich	No Bitcoin - No Problem: Follow Up to Last Weeks Donation Scam
2020-07-20/a>	Rick Wanner	Sextortion Update: The Final Final Chapter
2019-03-21/a>	Xavier Mertens	New Wave of Extortion Emails: Central Intelligence Agency Case
2019-02-01/a>	Rick Wanner	Sextortion: Follow the Money Part 3 - The cashout begins!
2019-01-18/a>	John Bambenek	Sextortion Bitcoin on the Move
2019-01-10/a>	Brad Duncan	Heartbreaking Emails: "Love You" Malspam
2018-12-26/a>	Didier Stevens	Bitcoin "Blocklists"
2018-11-30/a>	Remco Verhoef	CoinMiners searching for hosts
2018-07-21/a>	Didier Stevens	BTC pickpockets are back
2018-07-15/a>	Didier Stevens	Video: Retrieving and processing JSON data (BTC example)
2018-07-15/a>	Didier Stevens	Extracting BTC addresses from emails
2018-07-14/a>	Didier Stevens	Retrieving and processing JSON data (BTC example)
2018-01-25/a>	Xavier Mertens	Ransomware as a Service
2017-11-13/a>	Guy Bruneau	VBE Embeded Script (info.zip)
2017-09-30/a>	Lorna Hutcheson	Who's Borrowing your Resources?
2017-08-24/a>	Bojan Zdrnja	Free Bitcoins? Why not?
2016-11-13/a>	Guy Bruneau	Bitcoin Miner File Upload via FTP
2014-07-07/a>	Johannes Ullrich	Multi Platform *Coin Miner Attacking Routers on Port 32764
2014-04-26/a>	Guy Bruneau	Android Users - Beware of Bitcoin Mining Malware
2014-04-01/a>	Johannes Ullrich	cmd.so Synology Scanner Also Found on Routers
2011-09-05/a>	Bojan Zdrnja	Bitcoin – crypto currency of future or heaven for criminals?
MINER
2023-01-02/a>	Xavier Mertens	NetworkMiner 2.8 Released
2022-04-05/a>	Johannes Ullrich	WebLogic Crypto Miner Malware Disabling Alibaba Cloud Monitoring Tools
2021-12-21/a>	Xavier Mertens	More Undetected PowerShell Dropper
2021-03-19/a>	Xavier Mertens	Pastebin.com Used As a Simple C2 Channel
2020-11-07/a>	Guy Bruneau	Cryptojacking Targeting WebLogic TCP/7001
2020-02-02/a>	Didier Stevens	Video: Stego & Cryptominers
2019-12-26/a>	Xavier Mertens	Bypassing UAC to Install a Cryptominer
2019-04-02/a>	Johannes Ullrich	Fake AV is Back: LaCie Network Drives Used to Spread Malware
2019-01-10/a>	Brad Duncan	Heartbreaking Emails: "Love You" Malspam
2019-01-02/a>	Xavier Mertens	Malicious Script Leaking Data via FTP
2018-11-30/a>	Remco Verhoef	CoinMiners searching for hosts
2018-09-07/a>	Xavier Mertens	Crypto Mining in a Windows Headless Browser
2018-08-30/a>	Xavier Mertens	Crypto Mining Is More Popular Than Ever!
2018-07-13/a>	Xavier Mertens	Cryptominer Delivered Though Compromized JavaScript File
2018-03-05/a>	Xavier Mertens	Malicious Bash Script with Multiple Features
2018-03-04/a>	Xavier Mertens	The Crypto Miners Fight For CPU Cycles
2017-11-13/a>	Guy Bruneau	VBE Embeded Script (info.zip)
2017-09-30/a>	Lorna Hutcheson	Who's Borrowing your Resources?
2017-01-12/a>	Mark Baggett	Some tools updates
2016-11-13/a>	Guy Bruneau	Bitcoin Miner File Upload via FTP
2014-07-07/a>	Johannes Ullrich	Multi Platform *Coin Miner Attacking Routers on Port 32764
2014-04-01/a>	Johannes Ullrich	cmd.so Synology Scanner Also Found on Routers
2013-12-16/a>	Tom Webb	The case of Minerd
2009-11-25/a>	Jim Clausing	Tool updates

COIN MINER

COIN

MINER