Update: Threat Stack to Present Live Threat Briefing
On New Cryptomining Shellbot Malware Variant
Live Online, May 16, 2019, 1:00 p.m. ET (or on demand after 45 minutes)
About This Threat Briefing
Recently, Threat Stack’s Security Operations Center (SOC) uncovered a variation of the Shellbot malware in a public cloud environment. In this active cryptojacking campaign, the sophisticated malware features several layers of obfuscation and continues to be updated with new functionality after it has gained a foothold in an infected environment.
In this briefing, Threat Stack SOC Analyst Ethan Hansen will walk through the details of the newly discovered cryptojacking campaign, including the malware components, actual observed attack path, and the future investigations.
Download Threat Stack’s Inside a Docker Cryptojacking Exploit
Threat Stack’s Security Operations Center (SOC) recently discovered an ongoing and evolving malware campaign that leverages a new variant of the Shellbot malware discovered by JASK in November 2018 and published in February 2019. (You can read their full report here.)
In this new variant of the campaign, Threat Stack has identified the addition of a new SSH brute force tool, a secondary command and control method, and the added ability to stop other cryptominers on infected servers. Read more “A Threat Stack SOC Analysis: The Continuing Evolution of the Shellbot Cryptomining Malware”