According to experts, hackers gained access to computer systems through phishing letters disguised for payment orders or official documents from real companies.
After infection of computers, malicious software, attackers are remotely connected and block protection systems. Next, they set up devices for automatic turning on at one in the morning and turning off at five in the morning to hide their actions from users, analysts indicated.
Before starting hidden miners, scammers collect data on the configuration of the system, which allows them to optimally configure programs for cryptocurrency mining. During operation, cybercriminals maintain contact with the pool, sending requests every few minutes.
Experts noted that the campaign of hackers began at the end of last year and continues to this day. The origin of the group of fraudsters who began work since 2019 has not been able to establish.
According to experts, Librarian Ghouls can be the so -called hactivists, as they use legal third -party software instead of developing their own malicious systems, which is characteristic of such associations.
Earlier, the Investigative Committee of Russia (TFR) announced the discovery of a large illegal farm in the Irkutsk region for the production of cryptocurrencies for 2107 devices operating on the networks of Radian energy company through Irkutskenergosbyt.
Source: Bits
I am an experienced journalist, writer, and editor with a passion for finance and business news. I have been working in the journalism field for over 6 years, covering a variety of topics from finance to technology. As an author at World Stock Market, I specialize in finance business-related topics.
