Dogecoin API Used by Cybercriminals to Stealthily Mine Cryptocurrency

Tue, 28/07/2020 - 15:59

According to a recent report published by cybersecurity firm Intezer Labs, the Dogecoin API was abused by hackers to plant an undetected backdoor called "Doki" on Docker servers that run on Linux.

Similarly to other backdoor trojans, the main goal was to gain complete control in order to smoothly run cryptojacking operations.

A unique method

Cryptojacking refers to the practice of gaining unauthorized access to someone’s computer in order to stealthily mine cryptocurrency with the help of an undetectable malware component.


This time around, the attackers relied on the API of dogechain.info, the most popular DOGE block explorer, to generate the malware's C2 domain.

The malware is capable of finding these domains automatically by relying on a "unique" domain generation algorithm (DGA) that is based on Dogecoin:

Using this technique the attacker controls which address the malware will contact by transferring a specific amount of Dogecoin from his or her wallet. Since only the attacker has control over the wallet, only he can control when and how much dogecoin to transfer, and thus switch the domain accordingly.
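A defender-side sketch of how this behaviour can be surfaced in DNS logs, added here as an example and not taken from the Intezer report or U.Today: it flags a host that looks up dogechain.info and then, within a short window, resolves a domain never seen before. The log format, the 60-second window and every hostname and domain in the sample are constructed assumptions, and the log is assumed to be in chronological order.

```python
from datetime import datetime, timedelta

EXPLORER = "dogechain.info"      # block explorer named in the article
WINDOW = timedelta(seconds=60)   # assumed correlation window, tune per environment

# Constructed DNS query log (timestamp, client, queried name); not real telemetry.
SAMPLE_LOG = """\
2020-07-28T10:00:01 web-01 registry-1.docker.io
2020-07-28T10:00:05 web-01 dogechain.info
2020-07-28T10:00:07 web-01 c2-placeholder.example.net
2020-07-28T10:03:00 dev-laptop dogechain.info
2020-07-28T10:03:10 dev-laptop registry-1.docker.io
2020-07-28T10:20:00 web-02 dogechain.info
2020-07-28T10:45:00 web-02 updates.example.org
"""

def parse(line):
    """Split one log line into (datetime, host, normalised query name)."""
    ts, host, name = line.split()
    return datetime.fromisoformat(ts), host, name.lower().rstrip(".")

def is_explorer(name):
    """True for the explorer's apex domain or any of its subdomains."""
    return name == EXPLORER or name.endswith("." + EXPLORER)

def find_suspects(log_text, known_domains=()):
    """Return (host, new_domain, seconds_after_lookup) for each first-seen
    domain resolved by a host shortly after it queried the block explorer."""
    seen = set(known_domains)    # baseline of domains already known in the environment
    last_lookup = {}             # host -> time of its latest explorer query
    alerts = []
    for line in log_text.splitlines():
        if not line.strip():
            continue
        ts, host, name = parse(line)
        if is_explorer(name):
            last_lookup[host] = ts
        elif name not in seen:
            t0 = last_lookup.get(host)
            if t0 is not None and ts - t0 <= WINDOW:
                alerts.append((host, name, int((ts - t0).total_seconds())))
        seen.add(name)
    return alerts

if __name__ == "__main__":
    for host, domain, delay in find_suspects(SAMPLE_LOG):
        print(f"{host}: resolved new domain {domain} {delay}s after {EXPLORER} lookup")
```

Seeding `known_domains` with a baseline of domains the environment normally resolves cuts false positives from ordinary first-time lookups.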

Doki had been up and running for over half a year, and the best antivirus software is still incapable of detecting it:

The malware is a fully undetected backdoor. It has managed to stay undetected for over six months despite having been uploaded to VirusTotal on January 14, 2020 and scanned multiple times since.


Cryptojackers continue to thrive

Recently, Docker servers have become a popular target for cybercriminals, but this is the first instance in which Dogecoin is involved.

As reported by U.Today, privacy coin Monero (XMR) is regarded as the darling of cryptojackers, with close to four percent of the coin’s supply being their work.

Back in May, it was revealed that Microsoft SQL database servers had been infected to illegally mine XMR.
