SoylentNews is people

posted by Fnord666 on Saturday April 10 2021, @06:54PM
from the gold-digger dept.

A newly discovered cryptomining worm is stepping up its targeting of Windows and Linux devices with a batch of new exploits and capabilities, a researcher said.

Research company Juniper started monitoring what it's calling the Sysrv botnet in December. One of the botnet's malware components was a worm that spread from one vulnerable device to another without requiring any user action. It did this by scanning the Internet for vulnerable devices and, when found, infecting them using a list of exploits that has increased over time.

The malware also included a cryptominer that uses infected devices to create the Monero digital currency. There was a separate binary file for each component.

"Based on the binaries we have seen and the time when we have seen them, we found that the threat actor is constantly updating its exploit arsenal," Juniper researcher Paul Kimayong said in a Thursday blog post.

Straight from the above blog post, the malware's exploits include:

Exploit | Software
CVE-2021-3129 | Laravel
CVE-2020-14882 | Oracle Weblogic
CVE-2019-3396 | Widget Connector macro in Atlassian Confluence Server
CVE-2019-10758 | Mongo Express
CVE-2019-0193 | Apache Solr
CVE-2017-9841 | PHPUnit
CVE-2017-12149 | Jboss Application Server
CVE-2017-11610 | Supervisor (XML-RPC)
Apache Hadoop Unauthenticated Command Execution via YARN ResourceManager (No CVE) | Apache Hadoop
Brute force Jenkins | Jenkins
Jupyter Notebook Command Execution (No CVE) | Jupyter Notebook Server
CVE-2019-7238 | Sonatype Nexus Repository Manager
Tomcat Manager Unauth Upload Command Execution (No CVE) | Tomcat Manager
WordPress Bruteforce | WordPress

This discussion has been archived. No new comments can be posted.
  • (Score: 4, Informative) by martyb on Sunday April 11 2021, @11:46PM (1 child)

    by martyb (76) on Sunday April 11 2021, @11:46PM (#1136166)

    The table cells are explicitly restricted to 312px width in the HTML source. Not a huge deal, but it forced a little wrapping in my browser window.

    Ooops! I noticed that when I copy/pasted from the source, but forgot to clean it up before saving. My bad! And... fixed!

    Maybe the next time a table is put in the summary (and it would be helpful to hide large tables in a spoiler tag), a little validation could be used to make sure there aren't arbitrary formatting limits like this.

    1.) Added a spoiler tag as suggested. Good idea!

    2.) The UI for editing stories is — how to put this graciously — excruciatingly useful.

    3.) There is already so much stuff for editors to mentally track that we have a policy of trying to have another editor review a story before it goes live on the site. Doesn't always happen, but we do strive for it and do succeed the vast majority of the time. We'll add this to the collection.

    Wit is intellect, dancing.
  • (Score: 2) by krishnoid on Monday April 12 2021, @12:06AM

    by krishnoid (1156) on Monday April 12 2021, @12:06AM (#1136178)

    I was thinking of programmatic validation on tables specifically for extra stuff in the tags (since most of the rest of the articles are pretty much text and quotes). Thanks!