Crypto hackers have set their sights on internet service providers (ISPs). According to a technical report from Splunk, a Cisco security and observability platform, a massive attack campaign involving addresses in Eastern Europe targeted over 4,000 addresses corresponding to ISPs in China and the West Coast of the U.S. through brute force efforts. “These IPs were targeted by using a masscan tool which allows operators to scan large numbers of IP addresses which can subsequently be probed for open ports and credential brute-force attacks,” the report specified. The campaign aimed to get access to these hosts for two main objectives: deploy info-stealing software, that scans clipboard contents and screenshots for cryptocurrency addresses and private keys, and install cryptocurrency mining malware that uses the hardware capabilities of the host to mine monero (XMR).
