Anatomy of an Active Cryptomining Worm

AT&T Cybersecurity has conducted a technical analysis of the common malicious implants used by threat actors targeting vulnerable Exim, Confluence and WebLogic servers.

1 Min Read
Script
AT&T Cybersecurity

AT&T Cybersecurity has conducted a technical analysis of the common malicious implants used by threat actors targeting vulnerable Exim, Confluence and WebLogic servers. Upon exploitation, malicious implants are deployed on the compromised machine. While most of the attacks described are historical, we at AT&T Cybersecurity are continuing to see new attacks, which can be further researched here.

The main goal of the malicious implants thus far has been mining Monero cryptocurrency. For the complete, detailed analysis of how an active cryptomining worm works, including scripts, click here.

This guest blog is part of a Channel Futures sponsorship.

Read more about:

MSPs
Free Newsletters for the Channel
Register for Your Free Newsletter Now

You May Also Like