Once the attackers gain access to vulnerable endpoints and establish persistence, they pursue either proxyjacking or cryptojacking. Proxyjacking involves renting out compromised victim bandwidth to create a proxy network and earning money from it. On the other hand, cryptojacking entails installing cryptocurrency miners on vulnerable devices without the owners’ consent, utilizing their computing power to mine cryptocurrency.
