Hackers Install Crypto Mining Malware on Servers of Major Blogging Platform

Mon, 05/04/2020 - 07:26
Alex Dovbnya
The Bitcoin (BTC) price slumps four percent after posting seven back-to-back green candles on the weekly chart
Cover image via stock.adobe.com

According to ZDNet, the servers of the open-source blogging platform Ghost have been compromised by hackers to mine cryptocurrency as part of an extensive ransomware campaign. 

The malicious actors were able to gain unauthorized access to Ghost by exploiting some bugs in the Salt software that is used for managing the company’s servers.

Criminals Use These New Techniques to Mine Monero (XMR) on Your Computer

Overloaded CPUs

A Ghost representative sates that cybercriminals did not steal any of their users’ personal or financial information. Instead, they were focused on cryptojacking -- the process of stealthily mining cryptocurrency (usually privacy coins in the likes of Monero).

Ghost developers felt the heat when the company’s CPUs became overloaded due to a massive mining operation. They took down all servers and brought them back online after patching systems.   

More vulnerable companies 

Prior to that, the hackers managed to breach the servers of the LineageOS operating system by relying on the same Salt vulnerabilities.

One cybersecurity expert warns that the campaign threatens banks and Fortune 500 companies:

"We're seeing unpatched Salt servers at banks, web hosters, and Fortune 500 companies."

About the author

Alex Dovbnya (aka AlexMorris) is a cryptocurrency expert, trader and journalist with extensive experience of covering everything related to the burgeoning industry — from price analysis to Blockchain disruption. Alex authored more than 1,000 stories for U.Today, CryptoComes and other fintech media outlets. He’s particularly interested in regulatory trends around the globe that are shaping the future of digital assets, can be contacted at alex.dovbnya@u.today.

This site uses cookies for different purposes. Please set your preferences in Cookie Settings and visit our Cookie policy for more information on how and why cookies are used on this site. Click here for cookie policy

Cookie settings