Privacy coin Dero becomes a target for new self-propagating malware
ChainCatcher news: according to CoinDesk, a new strain of Linux malware is attacking unprotected Docker infrastructure worldwide, turning exposed servers into a decentralized network for mining the privacy coin Dero. The malware attacks exposed Docker APIs on port 2375 and deploys two Golang-based implants: one disguised as the legitimate web server software nginx, and another, named cloud, that does the mining. Infected nodes autonomously scan the internet for new targets and deploy infected containers, with no central control server required.
As of early May, over 520 Docker APIs worldwide were publicly exposed through port 2375, all of which are potential attack targets. Research shows that the wallets and node infrastructure used in this attack are the same as those used in attacks on Kubernetes clusters in 2023 and 2024.
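A configuration check for the exposure described above, as an added example that is not part of the original report: it reads a Docker daemon's daemon.json and dockerd command line and flags TCP listeners that accept clients without certificate verification. The function names and the sample configuration are constructed for illustration; `hosts`, `tlsverify`, `-H`/`--host` and `--tlsverify` are dockerd's own settings.

```python
import json
from ipaddress import ip_address
from urllib.parse import urlsplit

# Constructed sample daemon.json: one local socket, one plaintext TCP listener.
SAMPLE_DAEMON_JSON = '{"hosts": ["unix:///var/run/docker.sock", "tcp://0.0.0.0:2375"]}'

def collect_listeners(daemon_json, argv):
    """Gather listener addresses and the tlsverify setting from both sources."""
    cfg = json.loads(daemon_json) if daemon_json.strip() else {}
    hosts = list(cfg.get("hosts", []))
    tlsverify = bool(cfg.get("tlsverify", False))
    i = 0
    while i < len(argv):
        arg = argv[i]
        if arg in ("-H", "--host") and i + 1 < len(argv):
            i += 1
            hosts.append(argv[i])
        elif arg.startswith("--host="):
            hosts.append(arg.split("=", 1)[1])
        elif arg in ("--tlsverify", "--tlsverify=true"):
            tlsverify = True
        i += 1
    return hosts, tlsverify

def audit_docker_listeners(daemon_json, argv):
    """Classify each TCP listener as 'ok', 'local-only' or 'exposed'."""
    hosts, tlsverify = collect_listeners(daemon_json, argv)
    findings = []
    for host in hosts:
        parts = urlsplit(host)
        if parts.scheme != "tcp":
            continue  # unix:// and fd:// listeners are not reachable over the network
        name = parts.hostname or ""
        try:
            loopback = ip_address(name).is_loopback
        except ValueError:
            loopback = name == "localhost"  # anything else is treated as exposed
        if tlsverify:
            risk = "ok"  # clients must present a certificate signed by the CA
        elif loopback:
            risk = "local-only"
        else:
            risk = "exposed"  # "tls" without "tlsverify" still accepts any client
        findings.append({"host": host, "port": parts.port, "risk": risk})
    return findings

if __name__ == "__main__":
    for finding in audit_docker_listeners(SAMPLE_DAEMON_JSON, []):
        print(finding)
```

A listener whose address cannot be shown to be loopback is reported as exposed, so hostnames and empty hosts are left for manual review.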