Skip to main content

Dogecoin (DOGE) is now being used by crypto hackers after TikTok boom



Dogecoin’s usecases have seemingly evolved over time. 

The meme coin was initially created as a joke in 2014, turned into one of the hottest cryptocurrencies in 2015, became Elon Musk’s favorite in 2018, and was part of a TikTok challenge in 2020.

But things have taken a darker turn for the currency; hackers are now utilizing the token to control crypto mining botnets, security firm Intezer Labs said in a report this week.

Such DOGE, much hack

Intezer Labs, a New York-based malware analysis and detection firm, found out hackers using the infamous “Doki” backdoor have been using Dogecoin wallets to mask their online presence.

The firm said it had been analyzing Doki, a trojan virus, since January 2020 but recently discovered its use in installing and maintaining crypto-mining malware later. 

A hacker — who goes by Ngrok — had uncovered a method to use Dogecoin wallets for infiltrating web servers, the firm noted. 

The usage is a first such case for the meme coin, which is otherwise known for funnier purposes.

Intezer Labs found out Doki was using a previously undocumented method to contact its operator by abusing the Dogecoin blockchain in a unique way in order to dynamically generate its control and command (C&C) domain addresses.

Using Dogecoin transactions allowed the attackers to alter these C&C addresses on any affected computers, or servers, that ran Ngrok’s Monero mining bots.

Doing so allowed the hacker/s to mask their online location, thus preventing detection by legal and cybercriminal authorities.

Intezer Labs explained in its report: 

“While some malware strains connect to raw IP addresses or hardcoded URLs included in their source code, Doki used a dynamic algorithm to determine the control and command (C&C) address using the Dogecoin API.”

The firm added these steps meant security firms needed to access the hacker’s Dogecoin wallet to take down Doki, which was “impossible” without knowing the wallet’s private keys.

Using DOGE to control servers

Using Doki allowed Ngrok to control their newly-deployed Alpine Linux servers for running their crypto-mining operations. They used the Doki service to determine and change the URL of the control and command (C&C) server it needed to connect for new instructions.

Intezer researchers reverse-engineered the process, detailing the initial steps as shown in the image below:

Hackers used these steps to control their botnet. Image: ZDNet

When the above was fully executed, the Ngrok gang could change Doki’s command servers by making a single transaction from within a Dogecoin wallet they controlled.

However, this was just part of a larger attack. Once the Ngrok gang gained access to command servers, they deployed another botnet to mine Monero. 

Dogecoin and Doki only served as access bridge, as ZDNet researcher Catalin Cimpanu tweeted:

Intezer said Doki has been active since this January, but remained undetected on all 60 “VirusTotal” scanning software used on Linux servers.

As of today, the attack is still active as of today. Malware operators and “crypto-mining gangs” have been actively using the method, said Intezer.

But it’s not a big worry. 

The firm says preventing exposure to the virus is easy; one just needs to ensure that any critical application process interfaces (APIs) are fully offline and not connected to any application which interacts with the internet.

Source: cryptoslate.com

Comments

Contact us

Name

Email *

Message *

Popular posts from this blog

Cryptocurrencies Adding to the Safety and Security in the UK Gambling Industry

These are exciting times for the UK gambling industry. The impact of internet technology is now being felt with online gambling now controlling the industry.  The adoption of cutting-edge technology is reasonable for the boom in the industry. From live casinos, mobile apps to artificial intelligence, incredible trends continue shaping the gambling industry. However, it is the rise of cryptocurrency casinos that seeks to redefine UK gambling.  Many operators now include crypto coins such as bitcoin, Ethereum and Litecoin as part of their banking methods. Others offer exclusive bitcoin payments and promotions based on digital tokens. This revolutionary trend has a huge impact due to enhanced safety and security on these platforms. Players looking for peace of mind when playing online now opt to use cryptocurrencies. This post looks at how cryptos guarantee the safety and security of players at online casinos. How Cryptocurrency Gambling Works There’s a lot of talk about cryptocurrency,

Will Solana (SOL) Be the Shining Star of the Bull Market?

About 250,000 to 700,000 SOL have been sold daily by FTX for the last three weeks. SOL’s price jumped above $60, as GSOL’s premium also increased. While the price may retrace, it may not take long before SOL hits $70. Despite being a notable casualty of the FTX contagion in 2022, Solana (SOL) has defied all odds in 2023, as the price continues to outshine its peers. In the last 30 days, the value of SOL has increased by 180%, rising as high as $62 on November 11. However, the rising price of SOL is not the only interesting thing the token has shown by the token. For a token that was once described as dead, it has shown tremendous strength. Coin Edition came to this conclusion because of a post by trader Bluntz Capital. The Big Players Are Here According to Bluntz, FTX, after getting the go-ahead to liquidate its assets, has been selling around 250,000 to 700,000 daily for the last three weeks. Regardless of the sales, SOL has failed to nosedive. Rather, the price has chosen the upside

Terra Classic Community Passes Major Constructive Proposal, LUNC And USTC To $1?

  The Terra Luna Classic community has passed another key proposal as they prepare for a revival of Terra Luna Classic (LUNC) and repeg USTC stablecoin to $1.  The proposal aimed at having a guideline for a pay-per-job approach on the Terra Classic chain as core developer L1TF goes into maintenance mode for Q4. Meanwhile, the community is also collaborating on other fronts to keep LUNC and USTC above key support levels as traders started booking profits amid the latest pullback in the crypto market. Terra Luna Classic Passes Pay Per Job Proposal Proposal 11889 “Pay-per-job and governance-ruled Job List” has passed successfully. The proposal deemed the monthly model of roadmap and payment planning as suboptimal and plans to switch to a pay-per-job model. The proposal has received 91.99% “Yes” votes, with others mostly voting “Abstain”. The community believes it will optimize compensation structure, provide flexibility and transparency, boost community engagement, and risk mitigation. A