SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast) SANS Stormcast Friday, January 16th, 2026: Cryptojacking Hidden Gifts; Bluetooth Vulnerability; Reprompt in MSFT Copilot
5 snips
Jan 16, 2026 Discover the hidden dangers of cryptojacking, where miners use SSH backdoors to exploit systems. Learn about a flaw in Google's Fast Pair protocol that allows nearby devices to hijack Bluetooth accessories. Explore how Microsoft Copilot prompts can be manipulated through clever URL tricks, potentially misleading users. This episode highlights the risks of social engineering and emphasizes the need for vigilance when clicking links. Tune in for essential cybersecurity insights!
AI Snips
Chapters
Transcript
Episode notes
Cryptomining Indicates Larger Compromise
- Finding a crypto miner usually means your system was broadly vulnerable, not just coin-mined.
- Attackers commonly add SSH keys and backdoors so killing the miner alone won't remove access.
Check For Backdoors After Finding Miners
- Check for added SSH authorized_keys and persistent backdoors when you discover mining processes.
- Don't just kill the miner; investigate and remediate the initial vulnerability and attacker access.
Miners Exploit Low-Hanging Fruit
- Crypto miners target low-hanging fruit like weak passwords and common web vulnerabilities.
- More stealthy attackers may have exploited the same flaw without leaving obvious miners.