Internet Storm Center
Handler on Duty: Xavier Mertens
Threat Level: green

COIN MINER

| Date | Author | Title |
|---|---|---|
| 2018-11-30 | Remco Verhoef | CoinMiners searching for hosts |
| 2017-11-13 | Guy Bruneau | VBE Embeded Script (info.zip) |
| 2016-11-13 | Guy Bruneau | Bitcoin Miner File Upload via FTP |

COIN

| Date | Author | Title |
|---|---|---|
| 2023-01-15 | Johannes Ullrich | Elon Musk Themed Crypto Scams Flooding YouTube Today |
| 2022-08-26 | Xavier Mertens | Paypal Phishing/Coinbase in One Image |
| 2022-05-18 | Jan Kopriva | Do you want 30 BTC? Nothing is easier (or cheaper) in this phishing campaign... |
| 2022-03-07 | Johannes Ullrich | No Bitcoin - No Problem: Follow Up to Last Weeks Donation Scam |
| 2020-07-20 | Rick Wanner | Sextortion Update: The Final Final Chapter |
| 2019-03-21 | Xavier Mertens | New Wave of Extortion Emails: Central Intelligence Agency Case |
| 2019-02-01 | Rick Wanner | Sextortion: Follow the Money Part 3 - The cashout begins! |
| 2019-01-18 | John Bambenek | Sextortion Bitcoin on the Move |
| 2019-01-10 | Brad Duncan | Heartbreaking Emails: "Love You" Malspam |
| 2018-12-26 | Didier Stevens | Bitcoin "Blocklists" |
| 2018-11-30 | Remco Verhoef | CoinMiners searching for hosts |
| 2018-07-21 | Didier Stevens | BTC pickpockets are back |
| 2018-07-15 | Didier Stevens | Video: Retrieving and processing JSON data (BTC example) |
| 2018-07-15 | Didier Stevens | Extracting BTC addresses from emails |
| 2018-07-14 | Didier Stevens | Retrieving and processing JSON data (BTC example) |
| 2018-01-25 | Xavier Mertens | Ransomware as a Service |
| 2017-11-13 | Guy Bruneau | VBE Embeded Script (info.zip) |
| 2017-09-30 | Lorna Hutcheson | Who's Borrowing your Resources? |
| 2017-08-24 | Bojan Zdrnja | Free Bitcoins? Why not? |
| 2016-11-13 | Guy Bruneau | Bitcoin Miner File Upload via FTP |
| 2014-07-07 | Johannes Ullrich | Multi Platform *Coin Miner Attacking Routers on Port 32764 |
| 2014-04-26 | Guy Bruneau | Android Users - Beware of Bitcoin Mining Malware |
| 2014-04-01 | Johannes Ullrich | cmd.so Synology Scanner Also Found on Routers |
| 2011-09-05 | Bojan Zdrnja | Bitcoin – crypto currency of future or heaven for criminals? |

MINER

| Date | Author | Title |
|---|---|---|
| 2023-05-30 | Johannes Ullrich | Your Business Data and Machine Learning at Risk: Attacks Against Apache NiFi |
| 2023-01-02 | Xavier Mertens | NetworkMiner 2.8 Released |
| 2022-04-05 | Johannes Ullrich | WebLogic Crypto Miner Malware Disabling Alibaba Cloud Monitoring Tools |
| 2021-12-21 | Xavier Mertens | More Undetected PowerShell Dropper |
| 2021-03-19 | Xavier Mertens | Pastebin.com Used As a Simple C2 Channel |
| 2020-11-07 | Guy Bruneau | Cryptojacking Targeting WebLogic TCP/7001 |
| 2020-02-02 | Didier Stevens | Video: Stego & Cryptominers |
| 2019-12-26 | Xavier Mertens | Bypassing UAC to Install a Cryptominer |
| 2019-04-02 | Johannes Ullrich | Fake AV is Back: LaCie Network Drives Used to Spread Malware |
| 2019-01-10 | Brad Duncan | Heartbreaking Emails: "Love You" Malspam |
| 2019-01-02 | Xavier Mertens | Malicious Script Leaking Data via FTP |
| 2018-11-30 | Remco Verhoef | CoinMiners searching for hosts |
| 2018-09-07 | Xavier Mertens | Crypto Mining in a Windows Headless Browser |
| 2018-08-30 | Xavier Mertens | Crypto Mining Is More Popular Than Ever! |
| 2018-07-13 | Xavier Mertens | Cryptominer Delivered Though Compromized JavaScript File |
| 2018-03-05 | Xavier Mertens | Malicious Bash Script with Multiple Features |
| 2018-03-04 | Xavier Mertens | The Crypto Miners Fight For CPU Cycles |
| 2017-11-13 | Guy Bruneau | VBE Embeded Script (info.zip) |
| 2017-09-30 | Lorna Hutcheson | Who's Borrowing your Resources? |
| 2017-01-12 | Mark Baggett | Some tools updates |
| 2016-11-13 | Guy Bruneau | Bitcoin Miner File Upload via FTP |
| 2014-07-07 | Johannes Ullrich | Multi Platform *Coin Miner Attacking Routers on Port 32764 |
| 2014-04-01 | Johannes Ullrich | cmd.so Synology Scanner Also Found on Routers |
| 2013-12-16 | Tom Webb | The case of Minerd |
| 2009-11-25 | Jim Clausing | Tool updates |
