Starcraft fans use NSA exploits to mine XMR

According to F5 Networks analysts, hackers were able to mine over $8000
19 December 2017

Analysts at F5 Networks reported detecting a malicious campaign that compromises servers running Windows and Linux. The campaign was named Zealot (the term comes from the popular video game Starcraft).

For the attacks, the unknown criminals use exploits from the arsenal of the US National Security Agency that were published by the hacker group The Shadow Brokers. At the final stage of the infection, PowerShell is used to install a Monero cryptocurrency miner on the compromised device.

The F5 Networks analysts note that the unknown group can replace the Monero miner with any other malware at any time.

Zealot seems to be the first Struts campaign using the NSA exploits to propagate inside internal networks. There were other malware campaigns like NotPetya and WannaCry ransomware, and also Adylkuzz cryptominer launching attacks by directly scanning the Internet for SMBs to exploit with the NSA tools the ShadowBrokers released. The Zealot campaign, however, seems to be opening new attack vector doors, automatically delivering malware on internal networks via web application vulnerabilities. The level of sophistication we are currently observing in the Zealot campaign is leading us to believe that the campaign was developed and is being run by threat actors several levels above common bot herders.

F5 Networks Research

Researchers managed to track several of the group's cryptocurrency wallets, which are used to withdraw the mined Monero. Currently, they contain about $8,500. The group's actual income may be much higher, since the attackers use many wallets and the experts admit that they have probably not found all of them.

BitBay to Delist Monero

Exchange has to comply with “market standards” and the fight against money laundering
26 November 2019

The BitBay cryptocurrency exchange announced that it is ending support for the Monero cryptocurrency. The platform explained the decision by the need to comply with “market standards” and the fight against money laundering.

The exchange will stop accepting XMR deposits on November 29, and trading will be stopped on February 19, 2020. In addition, due to the Monero network hard fork planned for November 30, XMR withdrawals will not be possible from November 29 to December 5.

Users are asked to withdraw their funds by May 20 of next year.

Monero (XMR) can selectively utilize anonymity features among projects. This feature of XMR is a subject to end of transaction support. The decision was made to block the possibility of money laundering and inflow from external networks. Monero (and other cryptocurrencies with this specification) has been already delisted on other fiat-crypto exchanges for the same reason. As a licenced exchange, BitBay has to follow the market standards.

As you can see, BitBay named Monero's anonymity as the reason for delisting.