The Librarian Ghouls hacker group, also known as Rare Werewolf, has infiltrated numerous Russian devices to mine cryptocurrency through a method known as cryptojacking, as reported by cybersecurity firm Kaspersky. The hackers gain entry into systems by sending phishing emails containing malware disguised as official documents or payment requests. Once infected, the hackers disable security measures and establish remote access to the device. They schedule the device to operate between 1 am and 5 am to avoid detection while stealing login credentials and optimizing the device for crypto mining. The group continuously refines their tactics, targeting Russian users, particularly industrial entities and educational institutions. Kaspersky speculates that the hackers may be hacktivists aiming to promote a political agenda. The group's preference for using legitimate software over creating their own malicious tools is a notable characteristic. The extent of their activities remains unclear, but reports suggest their presence since at least 2019. Read more AI-generated news on: https://app.chaingpt.org/news