Middle East Malicious Infrastructure Report: 1,350+ C2 Servers Mapped Across 98 Providers

Between February and May 2026, over 1,350 active command-and-control servers were identified across 98 infrastructure providers spanning 14 Middle Eastern countries. Saudi Arabia's STC hosted 981 C2 servers, representing 72.4% of all regional malicious infrastructure, the largest concentration globally. C2 infrastructure dominated at 96.8% of detected activity, with IoT-focused botnets like Hajime, Mozi, and Mirai, alongside offensive frameworks including Tactical RMM, Cobalt Strike, and Sliver representing the primary malware families. The infrastructure supported diverse operations from state-sponsored espionage campaigns like Eagle Werewolf targeting state entities, to Malware-as-a-Service platforms, cryptomining operations, and destructive attacks such as DYNOWIPER. Key providers included SERVERS TECH FZCO in UAE, OMC in Israel, Türk Telekom, and Regxa in Iraq, demonstrating how telecommunications giants and specialized hosting services enable both commodity cybercrime and advanced persistent threat op...

Pulse ID: 6a0f8f36422c8adb515a9804
Pulse Link: https://otx.alienvault.com/pulse/6a0f8f36422c8adb515a9804
Pulse Author: AlienVault
Created: 2026-05-21 23:03:18

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CobaltStrike #CryptoMining #CyberCrime #CyberSecurity #Espionage #InfoSec #IoT #Israel #Malware #MalwareAsAService #MiddleEast #Mirai #OTX #OpenThreatExchange #RAT #SaudiArabia #Sliver #Telecom #Telecommunication #UAE #bot #botnet #AlienVault

LevelBlue - Open Threat Exchange

Learn about the latest cyber threats. Research, collaborate, and share threat intelligence in real time. Protect yourself and the community against today's emerging threats.

LevelBlue Open Threat Exchange

Inside a Tor Backed Supply Chain Worm

A sophisticated npm supply chain attack was uncovered involving the typosquatted package crypto-javascri, designed to mimic the legitimate crypto-js library. The malware harvests npm and GitHub credentials from infected systems, hijacks maintainer accounts, and automatically republishes trojanized versions of packages under trusted identities. The final payload incorporates a weaponized Arti Tor client with credential theft, cryptomining capabilities, privilege escalation via SUID exploitation, and systemd-based persistence mechanisms. The campaign specifically targets Linux developer systems and CI/CD environments, using Tor-based command-and-control infrastructure to maintain anonymity and resilience. The attack creates significant downstream supply chain risk through its worm-like propagation model.

Pulse ID: 6a0d970b3015e77563f4a9fa
Pulse Link: https://otx.alienvault.com/pulse/6a0d970b3015e77563f4a9fa
Pulse Author: AlienVault
Created: 2026-05-20 11:12:11

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CryptoMining #CyberSecurity #GitHub #InfoSec #Java #Linux #Malware #Mimic #NPM #OTX #OpenThreatExchange #RAT #Rust #SMS #SupplyChain #Trojan #Worm #bot #AlienVault

Whatsminer P566Z P564Z power supply for M63 M63S series

Original Whatsminer P566Z P564Z power supply PSU is compatible with M63, M63S, M63S plus, M63S plus plus, and M65S plus miners.

Zeus Mining

Is your computer fan suddenly screaming for no reason? You might be a victim of cryptojacking. This happens when malicious scripts use your hardware to mine digital currency without your consent. It drains your battery and slows everything down. Check your system resources if things feel weird. Stay safe. More info here: https://gwizit.com/go/jJBfGSm

#CyberSecurity #TechTips #CryptoMining

Thermally conductive grease 8W/mk

Thermal grease gradually dries out and becomes ineffective as ASIC miners work over time and at high temperatures, leading to hashrate drops. That's why mining farm operators need to regularly inspect and replace the thermal grease on chip surfaces to ensure optimal cooling performance and mining efficiency.

#thermalpaste #asicrepair #thermalgrease #asicminer #maintenance #miningfarm #zeusmining #cryptomining #hashboard

Nintendo's decision to hike #Switch 2 prices is the corporate way of saying, "We know you'll pay anything for a few more polygons!" 🎮💸 Meanwhile, fans are left wondering if they should start mining crypto to afford the next Mario game. 😂 #GamingEconomics
https://www.nintendo.co.jp/corporate/release/en/2026/260508.html #GamingEconomics #Nintendo #PriceHike #CryptoMining #MarioGame #HackerNews #ngated
News Release : May 8, 2026 "Notice Regarding Price Revisions for Nintendo Products and Services"

Press release of Nintendo Co., Ltd.

Nintendo Co., Ltd.

Hackers exploit RCE flaws in Qinglong task scheduler for cryptomining

Hackers are exploiting two authentication bypass vulnerabilities in the Qinglong open-source task scheduling tool to deploy cryptominers on developers' servers.

BleepingComputer

Two RCE flaws in Qinglong — a task scheduler used in automated trading bots — are now actively exploited for cryptomining. Task schedulers running with elevated privileges and reachable from the internet: a combination that tends to attract attention. The good news: patches exist. The adventure begins now. ⛏️ #infosec #CVE #cryptomining
https://www.bleepingcomputer.com/news/security/hackers-exploit-rce-flaws-in-qinglong-task-scheduler-for-cryptomining/

Hackers exploit Qinglong flaws for cryptomining deployments

Hackers are taking advantage of two major flaws in the Qinglong open-source task scheduler, CVE-2026-3965 and CVE-2026-4047, which can be combined to gain remote control of vulnerable systems. These authentication-bypass vulnerabilities affect Qinglong versions 2.20.1 and older, and have been exploited for cryptomining deployments.

https://osintsights.com/hackers-exploit-qinglong-flaws-for-cryptomining-deployments?utm_source=mastodon&utm_medium=social

#Qinglong #Cve20263965 #Cve20264047 #Cryptomining #VulnerabilityExploitation
