Hackers Stealthily Uninstall Cloud Security Products to Mine Monero
Cybersecurity firm Palo Alto Networks has recently discovered a new type of malware that is capable of targeting cloud servers. The ultimate goal of this hacking operation conducted by the Rocky group was to stealthy mine Monero, the most popular privacy coin.
card
Outsmarting tech giants
Public cloud infrastructure has been extremely enticing for hackers over the past few years. The report states that the products developed by Tencent and Alibaba weren’t actually compromised. Hackers gained full control and simply uninstalled the software, acting like a real administrator.
The researchers add that this is the first instance when any malware managed to remove cloud security. The Rocky group achieved this by not displaying any malicious behavior and by using guides provided by the aforementioned companies on how to uninstall their products. In order to deliver the malware itself to the victim’s computer, they exploited vulnerabilities in Apache Struts 2, Oracle WebLogic, and Adobe ColdFusion.
It’s high time for cloud-based services to rethink their approach to security given that ordinary security products might not be doing enough in order to avoid malware intrusion.
Monero, the king of cryptojacking
As U.Today reported earlier, Monero is linked to the lion’s share of cryptojacking cases. In fact, more than 4 percent of the XRM total supply is attributed to malicious malware. From malicious Steam games to fake Adobe Flash installers that are used as a tool for cryptojacking – Monero keeps ruling the roost when it comes to mining malware.