Hackers Exploit Automated Email Replies to Deploy Stealthy Crypto Mining Malware

cryptonews.com:

Ruholamin Haqshanas is a contributing crypto writer for CryptoNews. He is a crypto and finance journalist with over four years of experience. Ruholamin has been featured in several high-profile crypto...

Cybersecurity researchers are using automated email replies to compromise systems and deliver stealthy crypto mining malware.

According to a report by the threat intelligence firm Facct, hackers have been leveraging auto-reply emails from compromised accounts to target organizations in Russia, including companies, marketplaces, and financial institutions.

The attackers aim to install the XMRig miner on victims’ devices, enabling them to mine digital assets covertly.

Facct’s investigation revealed that since late May, approximately 150 emails containing the XMRig miner were identified.

However, the firm’s business email protection system successfully blocked these malicious emails before they could reach their clients.

Dmitry Eremenko, a senior analyst at Facct, highlighted the unique danger posed by this attack vector.

Unlike typical mass phishing campaigns where potential victims can easily ignore suspicious emails, this method preys on the expectations of recipients.

Злоумышленники придумали новую уловку для внедрения криптомайнера Xmrig на чужие машины: они распространяют вредоносные ссылки в письмах-автоответах. В F.A.C.C.T. насчитали уже 150 таких посланий по своей клиентской базе.https://t.co/1ZvOjRpRjy

Since the victims initiate the communication by sending an email first, they are more likely to trust the auto-reply they receive, unaware that the email account they contacted is compromised.

“In this scenario, even if the email doesn’t appear convincing, the established communication chain may reduce suspicion, making the