Crypto Hackers Target ISPs

Crypto hackers have shifted their focus to internet service providers (ISPs). According to a technical report from Splunk, a Cisco security and observability platform, a massive attack campaign primarily from Eastern Europe targeted over 4,000 ISP addresses in China and the West Coast of the U.S. through brute-force methods.

The report states, “These IPs were targeted by using a masscan tool which allows operators to scan large numbers of IP addresses which can subsequently be probed for open ports and credential brute-force attacks.”

The campaign has two main objectives:

1. Deploying info-stealing software that scans clipboard contents and screenshots for cryptocurrency addresses and private keys.
2. Installing cryptocurrency mining malware that utilizes the host’s hardware to mine monero (XMR).