Security experts from Kaspersky Lab have spotted a new cryptocurrency miner dubbed PowerGhost that can spread leveraging a fileless infection technique. The miner uses multiple fileless techniques to evade detection. It leverages the NSA-linked EternalBlue exploit to spread, it is obfuscated PowerShell script containing malwares core code. Most of the PowerGhost infections were observed in India, Brazil, Columbia, and Turkey. Experts believe authors may have attempted to create a DDoS-for-hire service.”]
Source: https://securityaffairs.co/wordpress/74921/malware/powerghost-crypto-miner.html

