Close Menu
AltCoinDrops.comAltCoinDrops.com
    What's Hot

    Hong Kong leader to push economy and tech hub in policy address

    September 17, 2025

    Exploring Top Gaming Altcoins to Invest In: Discover Profitable Opportunities

    November 6, 2025

    Bitcoin to reach multi-million dollar prices? Bitwise fund makes bullish long-term call

    September 13, 2025
    Facebook X (Twitter) Instagram
    • Privacy Policy
    • Get In Touch
    Facebook X (Twitter) Instagram
    AltCoinDrops.comAltCoinDrops.com
    • Latest News
      • Altcoin
      • Bitcoin
      • Ethereum
      • Markets
      • Blockchain
      • Regulation
    • Prices & Market Data
    • Learn/Guide
      • Explainers
      • Courses
      • How To
    • Sponsored
    • Ask Anything
    • Tools
      • Crypto Profit Calculator
      • Crypto Position Size Calculator
      • Crypto APY Calculator
      • Crypto APR Calculator
      • Dollar Cost Average Calculator
      • Asset Allocation Calculator
      • Annualized Return Calculator
    AltCoinDrops.comAltCoinDrops.com
    Home » Hackers target crypto and blockchain project databases using AI
    Latest News

    Hackers target crypto and blockchain project databases using AI

    January 12, 20264 Mins Read
    Facebook Twitter Pinterest LinkedIn Tumblr Email
    Hackers target crypto and blockchain project databases using AI
    Share
    Facebook Twitter LinkedIn Pinterest Email



    Cryptocurrency and blockchain project databases with weak credentials and AI-generated are being hacked through deployment patterns picked up by botnets, according to new research from Check Point.

    Crypto Investor EA

    A malware botnet named GoBruteforcer is capable of compromising Linux servers and turning them into automated password-cracking nodes, said the cybersecurity company. The hacking program has affected infrastructure used by crypto projects, including database servers, file transfer services, and web administration panels. 

    GoBrut can scan the internet for poorly secured services and attempt to log into services using popular usernames and weak passwords. Once a system is compromised, it is then added to a distributed network that can be remotely accessed by a network of hackers.

    GoBruteforcer botnet can hack vaguely thought-out passwords

    According to Check Point’s report published last Wednesday, the botnet can walk past protections in services like FTP, MySQL, PostgreSQL, and phpMyAdmin. These programs are used by blockchain startups and decentralized app developers to manage user data, application logic, and internal dashboards.

    Systems GoBrute has hacked can accept commands from a command-and-control server, dictating which service to attack while supplying credentials for brute-force attempts. The revealed login details are reused to access other systems, steal private data, create hidden accounts, and add to the botnet’s reach.

    Check Point also mentioned that infected hosts can also be repurposed to host malicious payloads, distribute malware to new victims, or become backup control servers if the core system is experiencing downtimes.

    Many development teams now, including those from big tech firms like Microsoft and Amazon, use code snippets and setup guides generated by large language models (LLMs) or copied from online forums. 

    Check Point explained that since AI models cannot create new passwords and usually mimic what they have been taught, they make usernames and default passwords very predictable, not changing them fast enough before systems are exposed to the internet. 

    The problem becomes even more dire when legacy web stacks like XAMPP are used, which can expose administrative services by default and provide an easy entry point for hackers.

    GoBruteforcer campaigns began in 2023, Unit 42 research found

    GoBruteforcer was first documented in March 2023 by Palo Alto Networks’ Unit 42, which detailed its ability to compromise Unix-like systems x86, x64, and ARM architectures. The malware deploys an Internet Relay Chat bot and web shell, which attackers use to keep their remote access.

    In September 2025, researchers at Lumen Technologies’ Black Lotus Labs found that a portion of infected machines linked to another malware family, SystemBC, were also GoBruteforcer nodes. Check Point analysts compared the password lists used in attacks against a database of roughly 10 million leaked credentials and found an overlap of about 2.44%.

    Based on that overlap, they estimated that tens of thousands of database servers could accept one of the passwords used by the botnet. Google’s 2024 Cloud Threat Horizons report found that weak or missing credentials were responsible for 47.2% of initial access vectors in breached cloud environments.

    Blockchain and AI reconnaissance expose private data, research finds

    In instances where GoBrute was traced in cryptocurrency environments, network hackers used crypto-themed usernames and password variants that matched naming conventions from blockchain projects. Other campaigns targeted phpMyAdmin panels linked to WordPress sites, a service for project websites and dashboards. 

    “Some tasks are clearly sector-focused. For example, we observed an attack that used crypto-themed usernames such as cryptouser, appcrypto, crypto_app, and crypto. In these runs, the passwords used combined the standard weak list with crypto-specific guesses such as cryptouser1 or crypto_user1234,” Check Point said, mentioning examples of passwords.

    Check Point identified a compromised server being used to host a module that scanned TRON blockchain addresses and queried balances through a public blockchain API to identify wallets holding funds.

    “The combination of exposed infrastructure, weak credentials, and increasingly automated tools. While the botnet itself is technically straightforward, its operators benefit from the number of misconfigured services online,” the security company wrote.

    If you’re reading this, you’re already ahead. Stay there with our newsletter.



    Source link

    Share. Facebook Twitter Pinterest LinkedIn Tumblr Email

    Related Posts

    SBI Holdings Acquires Majority Stake in Singapore’s Coinhako Amid Plans For Asian Expansion

    July 18, 2026

    UK jails fake-police crypto gang as regulators sharpen digital-asset rules

    July 17, 2026

    12 Best Crypto Sports Betting Sites in the UK 2026

    July 16, 2026

    Rising memory-chip prices reshape AI cloud economics, and CoreWeave leans on risk discipline

    July 15, 2026
    Top Posts

    Strategy Sells 32 Bitcoin for First Time Since 2022 as Bitmine Adds 26,497 Ethereum

    June 1, 2026

    OpenMiner among 2025’s notable digital wealth passive income apps

    September 15, 2025

    Crypto Exchange Fights Legal Fragmentation

    September 18, 2025

    Subscribe to Updates

    Get the latest updates from AltCoinDrops.com on crypto trends, market insights, and investment opportunities.

      Welcome to AltCoinDrops.com! Your go-to source for fast, reliable updates from the ever-evolving world of cryptocurrency. Whether it's Bitcoin, altcoins, blockchain breakthroughs, or DeFi trends, we bring you timely insights, expert analysis, and key developments shaping the future of digital finance. Stay ahead with real-time crypto news and in-depth coverage.

      Top Insights

      SBI Holdings Acquires Majority Stake in Singapore’s Coinhako Amid Plans For Asian Expansion

      July 18, 2026

      UK jails fake-police crypto gang as regulators sharpen digital-asset rules

      July 17, 2026

      12 Best Crypto Sports Betting Sites in the UK 2026

      July 16, 2026
      Advertisement
      Crypto Investor EA
      • Privacy Policy
      • Get In Touch
      © 2026. Designed by AltCoinDrops.com.

      Type above and press Enter to search. Press Esc to cancel.