Anatomy of an Active Cryptomining Worm
AT&T Cybersecurity has conducted a technical analysis of the common malicious implants used by threat actors targeting vulnerable Exim, Confluence and WebLogic servers.
February 21, 2020
Sponsored by AT&T Cybersecurity
AT&T Cybersecurity has conducted a technical analysis of the common malicious implants used by threat actors targeting vulnerable Exim, Confluence and WebLogic servers. Upon exploitation, malicious implants are deployed on the compromised machine. While most of the attacks described are historical, we at AT&T Cybersecurity are continuing to see new attacks, which can be further researched here.
The main goal of the malicious implants thus far has been mining Monero cryptocurrency. For the complete, detailed analysis of how an active cryptomining worm works, including scripts, click here.
This guest blog is part of a Channel Futures sponsorship.
Read more about:
MSPsAbout the Author
You May Also Like