Wednesday, February 1, 2023
DLTEMPIRE
  • Home
  • News
  • Blockchain
  • Ethereum
  • BNB
  • Binance
  • Luna Crash
  • Crypto Mining
  • DeFi
  • ICO
  • Regulation
  • Top 10 coins
No Result
View All Result
  • Home
  • News
  • Blockchain
  • Ethereum
  • BNB
  • Binance
  • Luna Crash
  • Crypto Mining
  • DeFi
  • ICO
  • Regulation
  • Top 10 coins
No Result
View All Result
DLTEMPIRE
No Result
View All Result
Home Crypto Mining

Hackers Targeting Unpatched Atlassian Confluence Servers to Deploy Crypto Miners

Lucinda Keatinge by Lucinda Keatinge
September 22, 2022
in Crypto Mining
0
Hackers Targeting Unpatched Atlassian Confluence Servers to Deploy Crypto Miners
0
SHARES
0
VIEWS
Share on FacebookShare on Twitter


Atlassian Confluence Server Hacking

A now-patched critical security flaw affecting Atlassian Confluence Server that came to light a few months ago is being actively exploited for illicit cryptocurrency mining on unpatched installations.

“If left unremedied and successfully exploited, this vulnerability could be used for multiple and more malicious attacks, such as a complete domain takeover of the infrastructure and the deployment information stealers, remote access trojans (RATs), and ransomware,” Trend Micro threat researcher Sunil Bharti said in a report.

The issue, tracked as CVE-2022-26134 (CVSS score: 9.8), was addressed by the Australian software company in June 2022.

CyberSecurity

In one of the infection chains observed by the cybersecurity company, the flaw was leveraged to download and run a shell script (“ro.sh”) on the victim’s machine, which, in turn, fetched a second shell script (“ap.sh”).

The malicious code is designed to update the PATH variable to include additional paths such as “/tmp”, download the cURL utility (if not already present) from a remote server, disable iptables firewall, abuse the PwnKit flaw (CVE-2021-4034) to gain root privileges, and ultimately deploy the hezb crypto miner.

Like other cryptojacking attacks, the shell script also terminates other competing coin miners, disables cloud service provider agents from Alibaba and Tencent, before carrying out lateral movement via SSH.

The findings mirror similar exploitation attempts previously disclosed by Lacework, Microsoft, Sophos, and Akamai in June.

CyberSecurity

Lacework’s analysis further shows that the command-and-control (C2) server used to retrieve the cURL software as well as the hezb miner also distributed a Golang-based ELF binary named “kik” that enables the malware to kill processes of interest.

Users are advised to prioritize patching the flaw as it could be abused by threat actors for other nefarious purposes.

“Attackers could take advantage of injecting their own code for interpretation and gain access to the Confluence domain being targeted, as well as conduct attacks ranging from controlling the server for subsequent malicious activities to damaging the infrastructure itself,” Bharti said.





Source link

Tags: AtlassianConfluenceCryptodeployHackersminersServerstargetingUnpatched
Previous Post

21Shares launches short and core ethereum ETPs following ‘merge’

Next Post

China makes up 84 per cent of blockchain applications worldwide, official says – South China Morning Post

Lucinda Keatinge

Lucinda Keatinge

Next Post
China makes up 84 per cent of blockchain applications worldwide, official says – South China Morning Post

China makes up 84 per cent of blockchain applications worldwide, official says - South China Morning Post

  • Trending
  • Comments
  • Latest
Veteran pilot killed in vintage airplane crash in Kern County

Veteran pilot killed in vintage airplane crash in Kern County

September 3, 2022
Wells Fargo Mentioned Ripple (XRP) As A Digital Currency In August Report

Wells Fargo Mentioned Ripple (XRP) As A Digital Currency In August Report

August 16, 2022
Sold Out Presale Creating Huge Interest In Gnox (GNOX) From Binance Coin (BNB) And PancakeSwap (CAKE) Holders

Sold Out Presale Creating Huge Interest In Gnox (GNOX) From Binance Coin (BNB) And PancakeSwap (CAKE) Holders

August 16, 2022
Best Coins To Buy On PancakeSwap App In August 2022

Best Coins To Buy On PancakeSwap App In August 2022

August 12, 2022
How the Stance of World’s Top Crypto Exchange Could Impact Possibility of Future Ethereum Forks

How the Stance of World’s Top Crypto Exchange Could Impact Possibility of Future Ethereum Forks

0
Binance, Mastercard launch prepaid card in Argentina to bridge cryptocurrencies, everyday purchases

Binance, Mastercard launch prepaid card in Argentina to bridge cryptocurrencies, everyday purchases

0
What is Alpaca Finance? – Asia Crypto Today

What is Alpaca Finance? – Asia Crypto Today

0
Blockchain ETF’s Top Holding Has Been a Strong Outperformer

Blockchain ETF’s Top Holding Has Been a Strong Outperformer

0
A New digital currency that enables Private Permissionless Payments on Blockchain

A New digital currency that enables Private Permissionless Payments on Blockchain

February 1, 2023
Provident in Massachusetts pushing past crypto woes

Provident in Massachusetts pushing past crypto woes

February 1, 2023
Bitcoin, Ethereum, and Equity Markets Drop as Fed Likely to Hike … – The Coin Republic

Bitcoin, Ethereum, and Equity Markets Drop as Fed Likely to Hike … – The Coin Republic

February 1, 2023
BNB Bowl 2023 lineup (Pain of Truth, Death Threat, Bulldoze, Merauder, End It, All Out War & more)

BNB Bowl 2023 lineup (Pain of Truth, Death Threat, Bulldoze, Merauder, End It, All Out War & more)

February 1, 2023

Recent News

A New digital currency that enables Private Permissionless Payments on Blockchain

A New digital currency that enables Private Permissionless Payments on Blockchain

February 1, 2023
Provident in Massachusetts pushing past crypto woes

Provident in Massachusetts pushing past crypto woes

February 1, 2023
Bitcoin, Ethereum, and Equity Markets Drop as Fed Likely to Hike … – The Coin Republic

Bitcoin, Ethereum, and Equity Markets Drop as Fed Likely to Hike … – The Coin Republic

February 1, 2023
BNB Bowl 2023 lineup (Pain of Truth, Death Threat, Bulldoze, Merauder, End It, All Out War & more)

BNB Bowl 2023 lineup (Pain of Truth, Death Threat, Bulldoze, Merauder, End It, All Out War & more)

February 1, 2023

Recent News

A New digital currency that enables Private Permissionless Payments on Blockchain

A New digital currency that enables Private Permissionless Payments on Blockchain

February 1, 2023
Provident in Massachusetts pushing past crypto woes

Provident in Massachusetts pushing past crypto woes

February 1, 2023

Categories

  • Altcoin
  • Artificial Intelligence
  • Binance
  • Blockchain
  • BNB
  • Business
  • Crypto Mining
  • DeFi
  • Education
  • Ethereum
  • Featured
  • ICO
  • Luna Crash
  • Metaverse
  • News
  • Regulation
  • Top 10 coins
  • Uncategorized

Follow Us

Follow Us

Find Via Tags

Big Binance Bitcoin Blockchain BNB BTC Buy Cardano CEO Chain Coin CoinDesk Coins crash Crypto Cryptocurrency DeFi Digital Dogecoin ETH Ethereum Exchange eyes Finance FTX Heres Investors latest LUNA Market Merge Million mining Network News NFT Prediction Price Protocol Regulation Solana Token Top Tweet Week

© 2021 Dltempire

No Result
View All Result
  • Home
  • News
  • Blockchain
  • Ethereum
  • BNB
  • Binance
  • Luna Crash
  • Crypto Mining
  • DeFi
  • ICO
  • Regulation
  • Top 10 coins

© 2021 Dltempire