Main navigation

Advertisement

Monero-Mining Botnet Exploits Bugs in Oracle WebLogic and Drupal

Wed, 11/11/2020 - 18:05
A Chinese crypto-mining botnet is taking advantage of vulnerabilities in Oracle WebLogic and Drupal
Advertisement
Monero-Mining Botnet Exploits Bugs in Oracle WebLogic and Drupal
Cover image via stock.adobe.com
Read U.TODAY on
Google News

According to Bleeping Computer, a Chinese botnet has exploited some bugs in Oracle WebLogic, a popular server for running enterprise applications, and content management system Drupal.  

Advertisement

Its report cites the findings of Mountain View-based cloud cybersecurity provider Lacework that found a new version of the malware.     

Dubbed “Muhstik,” the botnet in question has been around since March 2018. It is infamous for attacking Linux-based services like WordPress as well as devices powered by the internet of things (IoT) technology.      

Like a slew of similar botnets, Muhstik relies on XMRig, an open-source CPU miner for privacy coin Monero (XMR), for monetization purposes.     

The botnet receives an instruction to download the miner from command-and-control (C&C) servers, according to researcher Chris Hall:

Advertisement

“Usually Muhstik will be instructed to download an XMRrig miner and a scanning module. The scanning module is used for growing the botnet through targeting other Linux servers and home routers.”    

You Might Also Like

Based on its malware upload paths, Muhstik was attributed to a Chinese firm. Its C&C also shares that same SSL certificate with a site devoted to a popular anime character.       

As reported by U.Today, the Stantinko gang adopted innovative techniques to obfuscate their cryptojacking operations earlier this year.  

In 2019, French cyberpolice shut down a botnet that was responsible for infecting hundreds of thousands Windows computers around the globe.

Advertisement
Advertisement
Subscribe to daily newsletter

Recommended articles

Latest Press Releases

Our social media
There's a lot to see there, too

Popular articles