The GuardiCore security team has discovered a malicious traffic manipulation and cryptocurrency mining campaign, according to an announcement published June 6. The campaign infected over 40,000 machines across various industries, including finance, education, and government.
The campaign called Operation Prowli used various techniques like exploits and password brute-forcing to spread malware and take over devices, such as web servers, modems, and Internet-of-Things (IoT) devices. GuardiCore found that the attackers behind Prowli were focused on making money rather than ideology or espionage.