#koske — Public Fediverse posts
Live and recent posts from across the Fediverse tagged #koske, aggregated by home.social.
-
🚨 New #Koske #Linux malware uses panda 🐼 JPEGs to deliver stealthy cryptominers via polyglot files—AI-powered, evasive, and persistent. Users see cute images, but attackers get hidden rootkits & miners! Full story: https://www.bleepingcomputer.com/news/security/new-koske-linux-malware-hides-in-cute-panda-images/ #Cybersecurity #Malware #newz #lol xD Btw f… crypto that kind of deployment could also be used for other kind of attacks 💡
-
It is an AI-generated #Linux #malware which was hidden in images with pandas. It supports a wide variety of coinminers for various cryptocurrencies and for GPU and different CPU architectures. Its other component, #rootkit #hideproc, tries to hide the Koske miner from file listings and processes.
https://malwarelab.eu/posts/koske-panda-ai/
Video from #anyrun analysis:
https://www.youtube.com/watch?v=1OSPp996XQ4
#koskeminer #coinminer #blueteam #cybersecurity #dfir #malwareanalysis #infosec #reverseengineering
-
Sophisticated Koske Linux Malware Developed With AI Aid https://www.securityweek.com/sophisticated-koske-linux-malware-developed-with-ai-aid/ #Malware&Threats #Linuxmalware #Koske #AI
-
Soco404 and Koske Malware Target Cloud Services with Cross-Platform Cryptomining Attacks – Source:thehackernews.com https://ciso2ciso.com/soco404-and-koske-malware-target-cloud-services-with-cross-platform-cryptomining-attacks-sourcethehackernews-com/ #rssfeedpostgeneratorecho #CyberSecurityNews #TheHackerNews #Koske
-
@BleepingComputer you mention that “AquaSec identified Serbia-based IP addresses used in the attacks, Serbian phrases in the scripts, and Slovak language in the GitHub repository hosting the miners, but it could make no confident attribution.”
In the original blog by AquaSec, they identified the GitHub account “vozstanica” as the Slovak word for “train station”. But this is not true; in the Slovak language, train station is either “vlaková stanica” or “železničná stanica”.
It seems that “vozstation” is incorrectly detected as a Slovak word by Google Translate. On the other hand, when I search for “vozstation”, there are few occurrences on websites in the Serbian language. It also correlates with other AquaSec findings such as Serbian phrases in AI-generated code and the Serbian IP used in the attack. In their article, the only clue for Slovak is “vozstation”, which is more a Serbian than a Slovak word.
-
AI-Generated Malware in Panda Image Hides Persistent Linux Threat
#Koske
https://www.aquasec.com/blog/ai-generated-malware-in-panda-image-hides-persistent-linux-threat/
-
AquaSec has now uncovered a nasty piece of malware for Linux in which infected image files carry the attack vector: Koske is spreading, at present, via crafted panda bear images that bring along a script in C with the unpleasant payload. Evidently an LLM helped with the development of the malware. Brave new AI world.
https://www.aquasec.com/blog/ai-generated-malware-in-panda-image-hides-persistent-linux-threat/