Discovered new BYOF technique to cryptomining with PRoot
During the attacks, which the Sysdig TRT discovered, the archives were placed on popular storage platforms, such as DropBox. Once the threat actors gained access to their target system, they downloaded their malicious filesystem package along with PRoot. ... The Sysdig Threat Research Team (TRT) recently discovered threat actors leveraging an open source tool called PRoot to expand the scope of their operations to multiple Linux distributions and simplify their necessary efforts. Malware: XMRig CVEs: CVE-2021-44228 [View Article](https://sysdig.com/?p=62611)