Org's network connect to GitHub and Pastebin much? It's a Rocke road to cryptojacking country

Palo Alto Networks has spotted a new cryptomining malware technique that not only wipes out any other miners present on the target machine but uses GitHub and Pastebin as part of its command-and-control (C2) infrastructure. The malware, believed to originate from a Chinese cybercrime group nicknamed Rocke, targets cloud …

  1. GnuTzu Silver badge

    All That Collaboration and Then The Spoilers Come

    It starts as free for all and then becomes a free-for-all. This is going to take some work to establish meaningful defenses, given what's obviously coming down the road for all the code repos.

    1. Will Godfrey Silver badge
      Mushroom

      Re: All That Collaboration and Then The Spoilers Come

      Unfortunately, for these bastard crims nothing is sacred.

      1. stiine Bronze badge
        Unhappy

        Re: All That Collaboration and Then The Spoilers Come

        I think you'll find that they think money is sacred; your money, my money, everybody else's money...

    2. Rainer

      Re: All That Collaboration and Then The Spoilers Come

      Just host a GitLab instance on-prem.

      Problem solved (unless you make that one publicly accessible, too, which, given GitLab's history rife with 0days, might not be the brightest idea).

  2. Alister Silver badge
    Joke

    Did you know that the netblock 104.238.148.0/22, which contains the IP address 104.238.151.101 mentioned, belongs to Vultr Holdings, LLC?

    Coincidence? I DON'T THINK SO!

    :)


Biting the hand that feeds IT © 1998–2019