Hackers Stealthily Uninstall Cloud Security Products to Mine Monero

Fri, 01/18/2019 - 14:37
Alex Dovbnya
The new malicious software managed to uninstall cloud security products of top Chinese cloud providers

Cybersecurity firm Palo Alto Networks has recently discovered a new type of malware that is capable of targeting cloud servers. The ultimate goal of this hacking operation, conducted by the Rocke group, was to stealthily mine Monero, the most popular privacy coin.


Outsmarting tech giants

Public cloud infrastructure has been extremely enticing for hackers over the past few years. The report states that the products developed by Tencent and Alibaba weren’t actually compromised. Hackers gained full control and simply uninstalled the software, acting like a real administrator.

The researchers add that this is the first time any malware has managed to remove cloud security products. The Rocke group achieved this by not displaying any malicious behavior and by following the guides that the aforementioned companies publish on how to uninstall their products. To deliver the malware itself to the victim’s computer, they exploited vulnerabilities in Apache Struts 2, Oracle WebLogic, and Adobe ColdFusion.

It’s high time for cloud-based services to rethink their approach to security given that ordinary security products might not be doing enough in order to avoid malware intrusion.

Monero, the king of cryptojacking

As U.Today reported earlier, Monero is linked to the lion’s share of cryptojacking cases. In fact, more than 4 percent of the total XMR supply is attributed to malware. From malicious Steam games to fake Adobe Flash installers that are used as a tool for cryptojacking, Monero keeps ruling the roost when it comes to mining malware.

About the author

Alex Dovbnya (aka AlexMorris) is a cryptocurrency expert, trader and journalist with extensive experience covering everything related to the burgeoning industry, from price analysis to Blockchain disruption. Alex has authored more than 1,000 stories for U.Today, CryptoComes and other fintech media outlets. He’s particularly interested in regulatory trends around the globe that are shaping the future of digital assets. He can be contacted at alex.dovbnya@u.today.