Advertisement
AD

Main navigation

Monero-Mining Botnet Exploits Bugs in Oracle WebLogic and Drupal

Advertisement
Wed, 11/11/2020 - 18:05
Monero-Mining Botnet Exploits Bugs in Oracle WebLogic and Drupal
Cover image via stock.adobe.com
Read U.TODAY on
Google News

According to Bleeping Computer, a Chinese botnet has exploited some bugs in Oracle WebLogic, a popular server for running enterprise applications, and content management system Drupal.  

Advertisement

Its report cites the findings of Mountain View-based cloud cybersecurity provider Lacework that found a new version of the malware.     

Dubbed “Muhstik,” the botnet in question has been around since March 2018. It is infamous for attacking Linux-based services like WordPress as well as devices powered by the internet of things (IoT) technology.      

Like a slew of similar botnets, Muhstik relies on XMRig, an open-source CPU miner for privacy coin Monero (XMR), for monetization purposes.     

The botnet receives an instruction to download the miner from command-and-control (C&C) servers, according to researcher Chris Hall:

“Usually Muhstik will be instructed to download an XMRrig miner and a scanning module. The scanning module is used for growing the botnet through targeting other Linux servers and home routers.”    

Related
Hackers Infect Microsoft Servers with Crypto Mining Malware. Here's How They Did It

Based on its malware upload paths, Muhstik was attributed to a Chinese firm. Its C&C also shares that same SSL certificate with a site devoted to a popular anime character.       

As reported by U.Today, the Stantinko gang adopted innovative techniques to obfuscate their cryptojacking operations earlier this year.  

In 2019, French cyberpolice shut down a botnet that was responsible for infecting hundreds of thousands Windows computers around the globe.

Advertisement
TopCryptoNewsinYourMailbox
TopCryptoNewsinYourMailbox
Advertisement

Latest Press Releases

Our social media
There's a lot to see there, too

Popular articles

Advertisement
AD