Researchers at cybersecurity company Intezer have discovered that for over 6 months hackers have been secretly distributing new malware via the Dogecoin blockchain.
The team recently stumbled upon an inconspicuous backdoor called Doki, which was deployed via a botnet and used the cryptocurrency network to generate its C2 domain address. Through these domain addresses, the malware searched for additional vulnerabilities in cloud services in order to compromise them.
Hackers used the Dogecoin blockchain for half a year to hack cloud services
At the same time, the attacker could switch domains and choose which software to use for the attack by transferring a certain amount of Dogecoin from his wallet. Intezer researchers say this hack is very subtle: Doki was discovered 6 months after it was deployed, despite having been uploaded to the antivirus database.
The backdoor is not only highly stealthy but also very dangerous. Infection takes only a few hours from the moment a network-connected server is misconfigured.
Cybercriminals are increasingly using blockchain technologies in their activities. For example, in a recent breach of Australian national networks, a group of hackers also used cryptocurrency exploits.
text: Ivan Malichenko, photo: depositphotos