Hackers continue mining Monero in more than 1000 enterprise computers and researchers believe that the number of affected serves is much higher than it is visible. In today’s Monero news, we take a closer look at the latest XMR research.
A group of hackers targeted thousands of enterprise computers to illegally mine cryptocurrencies as the security firm Red Canary found out. As per the research, the hackers continue mining Monero and the hacking group Blue Mockingbird pushed the malware since last December which was discovered by the Colorado-based security company earlier this month. The hackers are targeting the public servers that run on ASP.NET apps using the Telerik framework for the interface component. By exploiting the CVE-2019-1893335 vulnerability and they plant a web shell on the attacked server and then use the Juicy potato technique to gain higher-level access.
After gaining access to servers, the hackers downloaded the XMRRig which is a popular Monero mining application. If the public-facing server is connected to the internal network of the company, the hackers try to push the malware miner to the entire network:
“Like any security company, we have limited visibility into the threat landscape and no way of accurately knowing the full scope of this threat. This threat, in particular, has affected a very small percentage of the organizations whose endpoints we monitor. However, we observed roughly 1,000 infections within those organizations, and over a short amount of time.”
The illegal crypto mining process is not something new and now websites have even more traffic so scammers are using shady techniques to monetize their platform. With the anonymity features of Monero and the ability to mine cryptocurrencies with ideal CPU power which is a favourite among the hackers. The reports show that hackers are using new techniques to conceal the mining process in the affected computers during the inspection. The hackers also infiltrated the servers of the blogging platform Ghost and tech firms Lineage OS to illegally mine Monero.
It is safe to say that plenty of Monero users (in Europe) have sensed a major threat of cybersecurity attacks last week. Countries like Germany, Spain and Switzerland have increased the chances of having their supercomputers infected with a Monero mining malware.
DC Forecasts is a leader in many crypto news categories, striving for the highest journalistic standards and abiding by a strict set of editorial policies. If you are interested to offer your expertise or contribute to our news website, feel free to contact us at [email protected]
Discussion about this post