#Crystalray

CRYSTALRAY Hackers Infect Over 1,500 Victims Using Network Mapping Tool

by

July 15, 2024 at 07:09AM A threat actor, known as CRYSTALRAY, has expanded its operations and infected over 1,500 victims using open-source security tools. Their primary objectives include harvesting and selling credentials, deploying cryptocurrency miners, and maintaining persistence in victim environments. Various methods, including tool abuse and credential discovery, are employed, posing serious security risks. … Read more

CRYSTALRAY hacker expands to 1,500 breached systems using SSH-Snake tool

by

July 11, 2024 at 11:10AM The new threat actor, CRYSTALRAY, has expanded its operations, targeting over 1,500 victims with stolen credentials and cryptominers. Utilizing SSH-Snake and various open-source tools, CRYSTALRAY aims to collect and sell credentials, deploy cryptominers, and maintain persistence in victim environments. It exploits vulnerabilities in various software and targets Atlassian Confluence products. … Read more

‘CrystalRay’ Expands Arsenal, Hits 1,500 Targets with SSH-Snake and Open Source Tools

by

July 11, 2024 at 10:48AM CrystalRay, a threat actor, has expanded their operations since the February attacks. They utilize SSH-Snake, an automated worm-like tool, for hacking purposes and have added mass scanning, open source software exploitation, and credential theft to their arsenal. Their use of open source and penetration testing tools enables them to maintain … Read more

‘Crystalray’ Attacks Jump 10X, Using Only OSS to Steal Credentials

by

July 11, 2024 at 10:04AM A threat actor known as “Crystalray” has been utilizing open source software (OSS) to expand its operations in credential stealing and cryptomining. Researchers observed Crystalray utilizing a range of OSS tools to carry out various stages of its attack chain. Despite its efficiency, the use of OSS opens the attacker … Read more