Privacy Coin Dero Becomes Target of New Self-Propagating Malware
On May 29, it was reported that a new type of Linux malware is attacking unprotected Docker infrastructures worldwide, turning exposed servers into a decentralized network for mining the privacy coin Dero. This malware attacks exposed Docker APIs through port 2375, deploying two Golang-based implants, one disguised as legitimate web server software nginx, and another program named cloud for mining. Infected nodes autonomously scan the internet for new targets and deploy infected containers without the need for a central control server. As of early May, over 520 Docker APIs were publicly exposed through port 2375 globally, all of which are potential targets. Research shows that the wallet and node infrastructure used in this attack are the same as those used in attacks on Kubernetes clusters in 2023 and 2024.
Disclaimer: The content of this article solely reflects the author's opinion and does not represent the platform in any capacity. This article is not intended to serve as a reference for making investment decisions.
You may also like
Benchmark analyst reiterates "Buy" rating on Japanese crypto company Metaplanet
GAIN official: Investigating issues related to abnormal token over-issuance
Data: 10 addresses received a total of 210,000 ETH within 6 hours, worth approximately $863 millions.
Trending news
MoreCrypto prices
More
