Some cybercrime groups are using trojaned proxyware installers to gain a foothold on victim machines and install malware and cryptominers.
The Lemon Duck cryptocurrency-mining botnet was seen behind a spike of April attacks exploiting the Microsoft Exchange server ProxyLogon flaw.
TeamTNT, a crypto-mining botnet, is stealing Amazon Web Services credentials from infected Docker and Kubernetes servers.
Cybercrime gangs are still making hay with ransomware, but a new report from Europol shows that malicious cryptomining is gaining momentum.
Malicious cryptominers are taking over for ransomware, thanks to quicker ROI and less attention from law enforcement.