New Satori Variant Found Targeting Claymore Mining Software to Mine Ethereum
On January 8, security researchers said that a new Satori variant was found hacking into Claymore mining rigs, replacing the device owner's mining credentials with the attacker's own. Analysis of the malware's code suggested that the same person is behind this variant and the original Satori bot.
According to the report, the new Satori variant (detected as ELF_MIRAI.AUSV and ELF64_MIRAI.D) keeps the original's exploits but adds a new one that, unlike previous Satori payloads, does not target IoT and networking devices. The new variant scanned for port 3333 and deployed exploit code specific to Claymore cryptocurrency mining software. Moreover, the researchers said that Satori targets a vulnerability that affects the management interface of Claymore mining software, allowing attackers to interact with the device without needing to authenticate. The attacker then uses the access to change the Claymore mining configuration to one of his own to mine Ethereum.
The perpetrator of the new Satori variant has reportedly made 1.0100710 ETH, or $980, in the past ten days from hijacked Claymore miners. Owners should review their mining configurations and make sure they're running the most current version of the Claymore software.
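One way to script the configuration review recommended above, as an added example that is not from the original article or the researchers' report. It assumes Claymore's config.txt option names `-epool`, `-ewal` (wallet), `-mport` (management port; 0 disables it, a negative value is read-only) and `-mpsw` (management password), which should be checked against the readme of the installed version; the wallet addresses and both configurations are constructed.

```python
import re

OPTION = re.compile(r"^-[A-Za-z]\w*$")  # "-mport" is an option, "-3333" is a value

def parse_config(text):
    """Parse '-option value' pairs from config text; '#' lines are comments."""
    tokens = []
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#"):
            tokens.extend(line.split())
    opts, i = {}, 0
    while i < len(tokens):
        if OPTION.match(tokens[i]):
            has_value = i + 1 < len(tokens) and not OPTION.match(tokens[i + 1])
            opts[tokens[i]] = tokens[i + 1] if has_value else ""
            i += 2 if has_value else 1
        else:
            i += 1  # stray token, ignore
    return opts

def audit(text, expected_wallet):
    """Return a list of finding codes for one miner configuration."""
    opts, findings = parse_config(text), []
    # -ewal may carry a ".worker" or "/worker" suffix after the address
    wallet = re.split(r"[./]", opts.get("-ewal", ""), maxsplit=1)[0]
    if wallet.lower() != expected_wallet.lower():
        findings.append("wallet-mismatch")
    if "-mport" not in opts:
        findings.append("mport-not-set")  # behaviour depends on the version default
        return findings
    try:
        port = int(opts["-mport"])
    except ValueError:
        findings.append("mport-invalid")
        return findings
    if port > 0 and not opts.get("-mpsw"):
        findings.append("mgmt-writable-no-password")
    return findings

OWNER = "0x" + "ab" * 20  # constructed owner address
TAMPERED = ("# constructed sample\n-epool pool.example:4444\n"
            "-ewal 0x" + "cd" * 20 + ".rig1\n-mport 3333\n")
HARDENED = "-epool pool.example:4444\n-ewal " + OWNER + ".rig1\n-mport -3333\n"

if __name__ == "__main__":
    for name, cfg in (("tampered", TAMPERED), ("hardened", HARDENED)):
        print(name, audit(cfg, OWNER))
```

Running it against a known-good copy of the configuration on a schedule turns the one-off review into a tamper check.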
Satori (also known as Mirai Okiru and detected by Trend Micro as ELF_MIRAI.AUSR) was pegged to be the successor of the , which is notorious for knocking high-profile websites offline. The most recent Satori botnet attack happened in December 2017, in just 12 hours.
With the surge in popularity of IoT devices used in home and office networks, Satori is a threat that can cause a significant impact when it compromises those devices, exposing users and organizations to Distributed denial-of-service (DDoS) attacks, , and cryptocurrency-mining malware.
Defending against Satori
A vulnerable home network exposes devices and owners' privacy to risk. Users can prevent a botnet infection with these security best practices:
- Opt for devices that go beyond functionality and ease of use and are strong on security and privacy.
- Change the device's default settings and credentials to make them less prone to unauthorized access.
- Update software and firmware to prevent vulnerability exploits.
- Enable the router's built-in firewall to add an extra layer of security.
Trend Micro Solutions
Trend Micro™ Security and Trend Micro Internet Security protect users from this threat, with security features that can detect malware at the endpoint level. Security solutions like Trend Micro™ Home Network Security can check internet traffic between the router and all connected devices to protect IoT devices. Enterprises can use Trend Micro™ Deep Discovery™ Inspector, which is a network appliance that monitors all ports and over 105 different network protocols to discover advanced threats and targeted attacks.
Trend Micro Smart Home Network™ customers are protected from this threat via these rules:
- 1134286 WEB Realtek SDK Miniigd UPnP SOAP Command Execution (CVE-2014-8361)
- 1134287 WEB Huawei Home Gateway SOAP Command Execution (CVE-2017-17215)