![Nansh0u not your normal cryptominer. [Research Saturday]](https://images.musicrad.io/resizer/?image=aHR0cHM6Ly9tZWdhcGhvbmUuaW1naXgubmV0L3BvZGNhc3RzLzY1NDVjZjgwLWRmMTEtMTFlYS05OGE4LWJmZGNhYmJiMWFiMC9pbWFnZS9yZXNlYXJjaC1zYXR1cmRheS1jb3Zlci1hcnQtY3cuanBnP2l4bGliPXJhaWxzLTQuMy4xJm1heC13PTMwMDAmbWF4LWg9MzAwMCZmaXQ9Y3JvcCZhdXRvPWZvcm1hdCxjb21wcmVzcw%3D%3D&width=600&signature=uSlEssKhBYzFvNrpKw5kKj5L6Oc=)
Nansh0u not your normal cryptominer. [Research Saturday]
Researchers at Guardicore Labs have been tracking an unusual cryptominer that seems to be based in China and is targeting Windows MS-SQL and phpMyAdmin servers. Some elements of the exploit make use of sophisticated components previously associated with nation-state actors.
Ophir Harpaz and Daniel Goldberg are members of the Guardicore Labs team, and they join us to explain their findings.
The research can be found here -
https://www.guardicore.com/2019/05/nansh0u-campaign-hackers-arsenal-grows-stronger/
-
Heart UK