Monero-Mining Botnet Exploits Bugs in Oracle WebLogic and Drupal

News
Wed, 11/11/2020 - 18:05
article image
Alex Dovbnya
A Chinese crypto-mining botnet is taking advantage of vulnerabilities in Oracle WebLogic and Drupal
Monero-Mining Botnet Exploits Bugs in Oracle WebLogic and Drupal
Cover image via stock.adobe.com

According to Bleeping Computer, a Chinese botnet has exploited some bugs in Oracle WebLogic, a popular server for running enterprise applications, and content management system Drupal.  

Its report cites the findings of Mountain View-based cloud cybersecurity provider Lacework that found a new version of the malware.     

Dubbed “Muhstik,” the botnet in question has been around since March 2018. It is infamous for attacking Linux-based services like WordPress as well as devices powered by the internet of things (IoT) technology.      

Like a slew of similar botnets, Muhstik relies on XMRig, an open-source CPU miner for privacy coin Monero (XMR), for monetization purposes.     

The botnet receives an instruction to download the miner from command-and-control (C&C) servers, according to researcher Chris Hall:

“Usually Muhstik will be instructed to download an XMRrig miner and a scanning module. The scanning module is used for growing the botnet through targeting other Linux servers and home routers.”    

Related Hackers Infect Microsoft Servers with Crypto Mining Malware. Here's How They Did It
Related
Hackers Infect Microsoft Servers with Crypto Mining Malware. Here's How They Did It

Based on its malware upload paths, Muhstik was attributed to a Chinese firm. Its C&C also shares that same SSL certificate with a site devoted to a popular anime character.       

As reported by U.Today, the Stantinko gang adopted innovative techniques to obfuscate their cryptojacking operations earlier this year.  

In 2019, French cyberpolice shut down a botnet that was responsible for infecting hundreds of thousands Windows computers around the globe.

article image
About the author

Alex Dovbnya (aka AlexMorris) is a cryptocurrency expert, trader and journalist with extensive experience of covering everything related to the burgeoning industry — from price analysis to Blockchain disruption. Alex authored more than 1,000 stories for U.Today, CryptoComes and other fintech media outlets. He’s particularly interested in regulatory trends around the globe that are shaping the future of digital assets, can be contacted at alex.dovbnya@u.today.