Coupang Apologizes After Massive Data Breach Affecting 33.7 Million Users 
OpenAI Moves to Acquire Neptune as It Expands AI Training Capabilities 
Banks Consider $38 Billion Funding Boost for Oracle, Vantage, and OpenAI Expansion 
Taiwan Opposition Criticizes Plan to Block Chinese App Rednote Over Security Concerns 
Trump Administration to Secure Equity Stake in Pat Gelsinger’s XLight Startup 
Apple Appoints Amar Subramanya as New Vice President of AI Amid Push to Accelerate Innovation 
Apple Leads Singles’ Day Smartphone Sales as iPhone 17 Demand Surges 
Microchip Technology Boosts Q3 Outlook on Strong Bookings Momentum 
Senate Sets December 8 Vote on Trump’s NASA Nominee Jared Isaacman 
Wikipedia Pushes for AI Licensing Deals as Jimmy Wales Calls for Fair Compensation 
Sam Altman Reportedly Explored Funding for Rocket Venture in Potential Challenge to SpaceX 
Norway’s Wealth Fund Backs Shareholder Push for Microsoft Human-Rights Risk Report 
Amazon and Google Launch New Multicloud Networking Service to Boost High-Speed Cloud Connectivity 
Morgan Stanley Boosts Nvidia and Broadcom Targets as AI Demand Surges 
Nexperia Urges China Division to Resume Chip Production as Supply Risks Mount 
Apple Alerts EU Regulators That Apple Ads and Maps Meet DMA Gatekeeper Thresholds 
YouTube Agrees to Follow Australia’s New Under-16 Social Media Ban 
Yet another malware attack has been reported involving illegal crypto-mining operations. Dubbed "Operation Prowli," the attack managed to infect over 40,000 machines in various sectors, including education, government and finance.
Prowli employed a variety of protocols to force the malware into devices like modems, web servers and Internet-of-Things (IoT). Security team GuardiCore reported that the attack’s ultimate goal was to make money rather than espionage or ideology, Cointelegraph reported.
Devices that were hit by the attack were infected with a Monero (XMR) miner and what’s called an r2r2 worm, a malware capable of executing SSH brute-force methods. To expand, the process of attack involved randomly creating IP addresses where r2r2 then tried to brute-force SSH logins using a user/password dictionary. After successfully infiltrating the device, it ran multiple commands that initiated the mining process.
"The attacks all behaved in the same fashion, communicating with the same C&C server to download a number of attack tools named r2r2 along with a cryptocurrency miner,” GuardiCore said. Moreover, the cyptojacking activity also employed a web traffic redirection method to take victims to malicious sites.
The attackers achieved this by using an open source webshell called “WSO Web Shell,” which made infected sites host malicious codes. When a visitor is successfully taken to a fake site, they’re then tricked into accessing malicious browser extensions. According to GuardiCore developers, the large-scale cyber attack was able to infect over 9,000 companies.
Monero has been one of the leading digital coins used by cryptojackers in their attacks. Last month, Mac users were also infected by a crypto-mining malware that forced compromised machines to mine the Monero cryptocurrency. Fortunately, the malware’s design wasn’t sophisticated, so removing it was simple enough.
Another incident in the same month saw a crypto-mining malware infiltrate some half a million computers to digitally mine 133 Monero tokens in three days. Called the WinstarNssmMiner, the malware was quite the piece of work as it was able to mine and crash the machines it managed to compromise.
