Crypto-jackers ditch Monero in favour of Dero mining

Mar 16 2023

Gone Phishing Banner

Welcome to Gone Phishing, your daily cybersecurity newsletter that’s sliding into your DMs.

Today’s hottest cyber security stories:

  • Crypto-jackers ditch Monero in favour of Dero mining
  • Is the clock ticking on TikTok’s UK presence?
  • UK cybersecurity salaries revealed!

OH-DERO! MOVE OVER MONERO!

Depending on whether or not you’ve been keeping your eye on the growing phenomenon of crypto-jacking, the following might sound like total gobbledegook. Bear with us on this one, if you would…

Basically, all the cybercriminals used to favour Monero (a coin just like Bitcoin but a little more obscure). Whenever you’d read of a ransomware attack, you would just know it’d be Monero that the criminals would ask for the ransom in.

This must have kind of sucked for Monero seeing as it’s a legitimate cryptocurrency which is actually favoured by it criminals because it’s good, i.e., highly anonymous and incorruptible.

Well, good news for Monero’s HR department because it looks as though their reign of terror may be coming to a close…

Recent activity on the Kubernetes network shows that, for the first time, crypto-criminals are favouring Dero over Monero.

FYI: Kubernetes, also known as K8s, is an open-source system for automating deployment, scaling, and management of containerized applications.

Crypto-jackers: Dero = denero!

The development marks a notable shift from Monero, which is a prevalent cryptocurrency used in such campaigns. It’s suspected it may have to do with the fact that Dero “offers larger rewards and provides the same or better anonymizing features.”

Our guess is that we may begin to see more of Dero in the coming weeks and months, potentially in the form of ransomware scammers asking for it instead of Monero.

Time will tell… One thing we know for damn sure is that it won’t be but a few days before we’re telling you all about another ransomware attack.

UK MINISTER CALLS FOR TIME ON TIKTOK

Turns out Donald Trump’s not the only one worried about the security of TikTok… UK security minister Tom Tugendhat has asked the National Cyber Security Centre (NCSC) to look into TikTok after governments around the world have begun banning it from their work phones. It’s undeniable that TikTok and other similar apps/services like YouTube Shorts and Instagram Stories are absolute timethief.

Click on one of them and watch between 5 and 50 minutes get drained from your life. Sometimes it literally feels like you’re hypnotised and when you finally suck yourself out, it’s like you’ve awoken from a coma. Scary. Most of them aren’t even anything!

But yeah, politicians around the world are worried that the app is doing more than stealing our time (and motivation. And self-worth). They suspect it’s stealing and harvesting data…

The Chinese-owned video sharing app is under scrutiny from European and US microscope over security and data privacy, with concerns it could be used to promote pro-Beijing views or gather user data.

Prime Minister Rishi Sunak has hinted at following suit, saying the UK will “look at what our allies are doing”. Yeah, way to lead the way, Sunak. Wouldn’t want to upset our Chinese overlords, would he?

But TikTok has hit back, calling government bans “misguided and based on fundamental misconceptions”.

There are some things that make you wonder about potential nefarious intentions from the Chinese…

They inflicted this app on the world which seems to constantly push sexual immorality amongst disturbingly young people. Indeed it’s no secret that the app has become a hotbed for grooming. But yeah, the algorithm clearly favours this type of content.

And that isn’t the case in China! In China, only positive, productive content gets picked up by the app. They have a sanitised wholesome version of the app. Same with the whole Covid thing, you can’t help but wonder if the Chinese are playing 4D chess with the world.

Alright, tin foil hat off.

CAN’T PUT A PRICE ON SECURITY. ACTUALLY YOU CAN… LET’S SEE WHAT IT IS!

Alright, prepare to feel smug or embittered with envy. Let’s get nosey, folks. The survey on cybersecurity salaries is out so let’s see who’s bringing home the bacon!

The UK Cybersecurity Salary Survey 2023 by Cybershark Recruitment anonymously polled 2,300 executives…. These are the key takeaways.

Let’s start with the ballers. Here are the highest paid jobs:

  • Governance, risk and compliance (up to £230,000 pa)
  • Cloud security (up to £222,500)
  • Incident response (up to £155,000)
  • Identity and access management (up to £140,000)

Salary rises year-on-year from 2021 to 2022, the highest wage increases were in:

Incident response (10.8%),

Identity and access management (10.3%)

Governance, risk and compliance (6.6%)

‘Driven by need’

Amanda Finch, CEO of the Chartered Institute for Information Security (CISSec), commented that increased demand and salary increases are ultimately driven by need.

Finch said: “Over the last year, we’ve seen a marked increase in supposed nation-state activity; ransomware; and ongoing news of new regulatory frameworks such as the new UK data protection laws.”

Well we can certainly vouch for that! We often cover double digits worth of scams in a single week here at Gone Phishing.

Stay safe out there, folks and to our cyber-guardians: Keep stacking that paper!! Peace out.

So long and thanks for reading all the phish!

Recent articles