The “Rocke group”, a Chinese threat actor group who specializes in cryptojacking, has shifted gears on how they’re stealing your cycles. Rocke is actively updating and pushing a new dropper using Pastebin for Command and Control (C2). Recent updates to the C2 as of March 13th, 2019 have been seen, which leads researchers to believe this campaign is ongoing. According to VirusTotal, the threat detection of the new dropper is nearly non-existent.