Rocke Group, a cybercrime group believed to be operating from China, has developed cryptocurrency mining software that can uninstall cloud-based security solutions from targeted systems as a way of evading detection.
Researchers with Palo Alto have so far only found proof that the malware works on Chinese cloud security solutions, but they fear that Rocke Group will adapt the malware to work on other cloud services as well.
Read more: Malware can now evade cloud security tools, as cybercriminals target public cloud users