By Nermeen Nabil Khear 
A sophisticated and ongoing supply-chain attack operating for the past year has been stealing sensitive login credentials from both malicious and benevolent security personnel by infecting them with Trojanized versions of open source software from GitHub and NPM, researchers said.
The campaign, first reported three weeks ago by security firm Checkmarx and again on Friday by Datadog Security Labs, uses multiple avenues to infect the devices of researchers in security and other technical fields. One is through packages that have been available on open source repositories for over a year. They install a professionally developed backdoor that takes pains to conceal its presence. The unknown threat actors behind the campaign have also employed spear phishing that targets thousands of researchers who publish papers on the arXiv platform.
Unusual longevity
The objectives of the threat actors are also multifaceted. One is the collection of SSH private keys, Amazon Web Services access keys, command histories, and other sensitive information from infected devices every 12 hours. When this post went live, dozens of machines remained infected, and an online account on Dropbox contained some 390,000 credentials for WordPress websites taken by the attackers, most likely by stealing them from fellow malicious threat actors. The malware used in the campaign also installs cryptomining software that was present on at least 68 machines as of last month.
This articles is written by : Nermeen Nabil Khear Abdelmalak
All rights reserved to : USAGOLDMIES . www.usagoldmines.com
You can Enjoy surfing our website categories and read more content in many fields you may like .
Why USAGoldMines ?
USAGoldMines is a comprehensive website offering the latest in financial, crypto, and technical news. With specialized sections for each category, it provides readers with up-to-date market insights, investment trends, and technological advancements, making it a valuable resource for investors and enthusiasts in the fast-paced financial world.
Recent:
11 of the Best Music Documentaries Ever Made Jason Keil | usagoldmines.com
Four Situations When Supplemental Health Insurance Makes Sense (When You’re Not Retired) Jeff Somers...
All The Biggest Reveals From the 2024 Game Awards Michelle Ehrhardt | usagoldmines.com
iOS 18.2: What You Can Do With Visual Intelligence Juli Clover | usagoldmines.com
Character.AI won't let its chatbots get romantic with teenagers anymore erichs211@gmail.com (Eric Ha...
NYT Strands today — my hints, answers and spangram for Saturday, December 14 (game #286) | usagoldm...
NYT Connections today — my hints and answers for Saturday, December 14 (game #552) | usagoldmines.c...
Quordle today – my hints and answers for Saturday, December 14 (game #1055) | usagoldmines.com
The Best Ways to Find a Running Track Near You (and a Beginner’s Workout to Try) Beth Skwarecki | us...
What You Can and Can't Make With iOS 18.2's Genmoji Feature Juli Clover | usagoldmines.com
Malcolm, Malcolm, Malcolm! Yes, 'Malcolm in the Middle' is being revived for Disney Plus jacob.krol@...
Amazon teams up with Samsung rival to design and build bespoke next generation tech that will help A...
The Intel Arc B580 GPU could rejuvenate the budget PC market - here's why allisa.james@futurenet.com...
Bird flu jumps from birds to human in Louisiana; patient hospitalized Beth Mole | usagoldmines.com
My Best Advice for Shipping Holiday Cookies Without Ruining Them Allie Chanthorn Reinmann | usagoldm...
ChatGPT Can Finally See Jake Peterson | usagoldmines.com
Windows PCs are full of ads. These 9 settings turn off the worst ones | usagoldmines.com
5 useful PC upgrades to plug into your unused PCIe slots | usagoldmines.com
Best Windows backup software 2024: Protect your data! | usagoldmines.com
Best gaming laptops under $1,000: Expert picks that won’t break the bank | usagoldmines.com
Classic Outlook gets an official ‘death date’ as users are urged to switch | usagoldmines.com
Best VPNs for Android 2024: Our picks for phones and tablets | usagoldmines.com
Mint Mobile Cuts $400 Off Pixel 9 Pro, Gives You Unlimited for 12 Months at 50% Off Kellen | usagold...
You Can Max Out Your IRA Contributions for Longer Than You Might Think Emily Long | usagoldmines.com
iOS 18.2: Here's How Mail Categories Work Juli Clover | usagoldmines.com
ChatGPT's new Projects feature can organize your AI clutter erichs211@gmail.com (Eric Hal Schwartz) ...
December Pixel Update Expands to Pixel Fold, Pixel 7 on T-Mobile Kellen | usagoldmines.com
WhatsApp Now Lets You Call Select Members of a Group Chat Jake Peterson | usagoldmines.com
Toxic Christmas Tree Water and Other Holiday Pet Dangers You Never Knew About Lindsey Ellefson | usa...
Best laptops for college students 2024: Top picks and expert advice | usagoldmines.com
It’s Time to Learn What ‘Core Sleep’ Actually Is Beth Skwarecki | usagoldmines.com
Report: Apple to Stop Selling iPhone 14 and iPhone SE in EU This Month Joe Rossignol | usagoldmines....
Best Apple Deals of the Week: Steep Discounts Hit Apple Watches and Bands, Plus Sales on AirTag, Ank...
“6G can efficiently enable intelligent computing everywhere”: Qualcomm offers an exclusive sneak pee...
Hackers are abusing Microsoft tools more than ever before | usagoldmines.com
Microsoft announced Phi-4, a new AI that’s better at math and language processing | usagoldmines.co...
Google Home Devices Get First Taste of Gemini in Place of Assistant Kellen | usagoldmines.com
This iPhone 15 Pro Max Is Less Than $900 Pradershika Sharma | usagoldmines.com
Google Maps’ Best Feature Is About to Get a Lot Less Useful David Nield | usagoldmines.com
Apple Begins Selling New Vision Pro Carry Sling and Exclusive Charging Accessories Juli Clover | usa...
I didn’t expect Fallout to win Best Adaptation at The Game Awards 2024 when Netflix’s Arcane was suc...
This Yoto Mini 'fire hazard' children's speaker has been recalled again due to its overheating batte...
Werner Herzog muses on mysteries of the brain in Theater of Thought Jennifer Ouellette | usagoldmine...
Nvidia stokes RTX 50-series hype with Witcher 4 and a global LAN party | usagoldmines.com
Google’s Pixel Camera Update Returns Quick Access Controls, and Folks are Happy Kellen | usagoldmine...
This Free App Archives and Deletes Your Tweets Justin Pot | usagoldmines.com
Now Is the Best Time to Get a Deal on a Used Car Emily Long | usagoldmines.com
The MacRumors Show: Apple's 2024 – Year in Review Hartley Charlton | usagoldmines.com
M2 iPad Air Holiday Deals Include $100 Off and All-Time Low Prices at Best Buy Mitchel Broussard | u...
Civil societies warn against EU plans to make digital devices monitorable at all times chiara.castro...
Prime Video is testing a great new feature that'll use AI to better recommend movies and shows | us...
eM Client boosts email offerings with Postbox acquisition udinmwenefosa@gmail.com (Efosa Udinmwen) |...
Project Moohan shows Samsung doesn’t understand what makes the Meta Quest 3 special – and I don't t...
Where is Apple CarPlay 2? A 2024 launch is looking unlikely, but not impossible alexblake.techradar@...
Apple forced to patch iOS and macOS security flaw that could have leaked your private info | usagol...
Astro Bot takes home four major awards at The Game Awards 2024, including Game of the Year | usagol...
Americans spend more years being unhealthy than people in any other country Beth Mole | usagoldmines...
F1 Arcade trip report: Great sims make for a compelling experience Jonathan M. Gitlin | usagoldmines...
Don’t use crypto to cheat on taxes: Bitcoin bro gets 2 years Ashley Belanger | usagoldmines.com
Elon Musk slams SEC as agency threatens charges in Twitter stock probe Jon Brodkin | usagoldmines.co...
Best PCIe 4.0 SSDs 2024: Top picks from experts | usagoldmines.com
Get festive with these magical Christmas tree lights for 35% off | usagoldmines.com
Does it really matter what thermal paste you use in your gaming PC? | usagoldmines.com
Seven Ways to Make Hosting Little Kids for the Holidays Less Stressful for Everyone Jason Keil | usa...
The 28 Best Holiday and Christmas Movies on Netflix Right Now Ross Johnson | usagoldmines.com
Best Buy Takes Up to $200 Off M4 iPad Pro, Available From $849 Mitchel Broussard | usagoldmines.com
New Galaxy S25 leak suggests there'll be no Slim model after all, but I'm not convinced jamie.richar...
Image Playground made me a wizard but I’m still waiting for that Siri magic lance.ulanoff@futurenet....
Amazon pauses $1bn Microsoft 365 rollout following Russian security concerns | usagoldmines.com
Split Fiction is a new co-op game from the studio behind the award-winning It Takes Two | usagoldmi...
The US military is now talking openly about going on the attack in space Stephen Clark | usagoldmine...
Today’s best laptop deals: Save big on work, school, home use, and gaming | usagoldmines.com
Installing Windows 11 on old PCs is incredibly risky. Here’s why | usagoldmines.com
Ho ho ho! ChatGPT rolls out a Santa voice for Christmas season | usagoldmines.com
Watch out! Your latest data breach notification might not be real | usagoldmines.com
This tiny (but mighty!) speaker is 40% off right now | usagoldmines.com
Firefox’s Do Not Track feature is going away because websites ignore it | usagoldmines.com
This $650 RTX-loaded MSI gaming laptop is a total steal | usagoldmines.com
How to Make Your Christmas Tree Last as Long as Possible Beth Skwarecki | usagoldmines.com
Seven Home Maintenance Tasks Everyone Forgets to Do Jeff Somers | usagoldmines.com
The latest Google Pixel Drop changes how your phone charges – here's what's new | usagoldmines.com
PS2 and Wii classic Okami is getting a sequel headed up by original creator Hideki Kamiya | usagold...
7 new movies and TV shows to watch on Netflix, Prime Video, Max, and more this weekend (December 13)...
Hybrid work is winning out, despite employers trying to force a return to office | usagoldmines.com
2025's first streaming price hike will come courtesy of YouTube TV and I'm concerned which service i...
Ensuring data security with continuity, compliance, and disaster recovery | usagoldmines.com
Critical infrastructure being hit by dangerous new malware - routers, firewalls and fuel systems all...
Can digital resilience be achieved beyond the IT perimeter? | usagoldmines.com
Lenovo Legion R27fc-30 review: A 240Hz display for under $200! | usagoldmines.com
Intel Arc B580 review: The first worthy budget GPU of the decade | usagoldmines.com
Apple CEO Tim Cook Hosts King Charles III at UK Headquarters Hartley Charlton | usagoldmines.com
Chinese police found using spyware to monitor Android devices | usagoldmines.com
Photoshop gets the next big thing in AI photography – a tool that makes unwanted reflections vanish ...
Thousands of servers potentially at risk from Prometheus security flaw | usagoldmines.com
Apple HomePod mini 2 said to be arriving in 2025, along with one maxi upgrade | usagoldmines.com
Netflix releases trailer for Bank of Dave 2 and I can't wait to see him take on a new rival lucy.bug...
Twirling body horror in gymnastics video exposes AI’s flaws Benj Edwards | usagoldmines.com
Best online backup 2024: iDrive, Backblaze, Livedrive, and more | usagoldmines.com
The future of VPNs: Decentralized and post-quantum security | usagoldmines.com
Millions of credit card details leaked online - watch out if you're paying for Christmas | usagoldm...