DERO cryptojacking adopts new techniques to evade detection
Released on 2024-06-14 at 10:11:43 AM
This report examines the threat actors behind a 2023 cryptojacking campaign targeting misconfigured Kubernetes clusters, focusing on their evolving techniques to avoid detection. It analyzes the malicious Docker images they deployed, the hardcoded wallet and pool information in the DERO miner binary, and additional tools they likely used beyond Kubernetes exploitation. The report also provides defense recommendations and indicators of compromise.