"New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic"

The cryptocurrency mining group called 8220 Gang has been using a new crypter called ScrubCrypt in cryptojacking operations. According to Fortinet FortiGuard Labs, the attack chain begins with successfully exploiting vulnerable Oracle WebLogic servers to download a PowerShell script containing ScrubCrypt. Crypters are software that can encrypt, obfuscate, and manipulate malware with the objective of evading detection by security tools. ScrubCrypt, which is advertised for sale by its creator, includes capabilities to circumvent Windows Defender and detect the presence of debugging and virtual machine environments. This article continues to discuss researchers' findings regarding the ScrubCrypt crypter being used by the 8220 Gang.

THN reports "New ScrubCrypt Crypter Used in Cryptojacking Attacks Targeting Oracle WebLogic"

Submitted by Anonymous on