According to a recent analysis report published by security intelligence firm Trend Micro Inc., cybercriminals are reportedly exploiting the well-known vulnerability CVE-2019-3396 in Confluence, a workspace productivity tool created by Atlassian.
The exploit that has been developed lets cybercriminals stealthily install and run a Monero [XMR] miner on a vulnerable system, and cover up the mining activity by employing a rootkit to hide the malware's network activity and its toll on the host's CPU [Central Processing Unit].
According to the Atlassian security advisory, the vulnerability in question applies only to some older versions of Confluence. The vulnerability can be avoided by downloading patched versions of Confluence Server and Data Center.
Earlier, in February, Trend Micro also found another instance of Monero [XMR] mining malware attacks. This attack targeted Microsoft Windows users with the Windows exploit tool mimikatz and the remote control program Radmin. The vulnerability targeted was the Windows SMB Server vulnerability MS17-010, which was patched in 2017.
Cryptocurrency mining attacks are reportedly on the rise day by day, according to an announcement by the AT&T cybersecurity firm earlier in March. Per the report, several renowned online platforms, including Amazon, have also been the victim of a Monero [XMR] malware attack. In this case, the attack was executed on a Kubernetes server operating inside AWS [Amazon Web Services].