Cryptocurrency mining malware uses five-year old vulnerability to mine Monero on Linux servers

Faybert

Level 24
Thread author
Verified
Top Poster
Well-known
Jan 8, 2017
1,318
Hackers are using a five-year-old security vulnerability to infect Linux servers with cryptocurrency-mining malware.

The cryptojacking campaign exploits CVE-2013-2618, an old vulnerability in Cacti's Network Weathermap plug-in, an open source tool which is used by network administrators to visualise network activity.

Attackers can use the vulnerability to inject HTML and JavaScript into the title of maps in the network editor, as well as uploading malicious PHP code to a webserver.

The vulnerability was disclosed in April 2013 and the patch has been available for almost five years, but attackers are still using it to help mine cryptocurrency in 2018.
....
....
Researchers uncovered some of the wallets, and say by using these miners, one attacker has acquired 320 Monero -- which works out at just under $75,000. However, they note that is only a small proportion of what has been acquired by this campaign, which could have mined $3m worth of the cryptocurrency.

While attackers are always trying to find means of carrying out attacks, keeping systems patched is a good way to secure systems -- while servers might be more difficult to patch than a PC, there's little reason to have not applied a five-year-old update.

Researchers also recommend that for those running Cacti's Network Weathermap plug-in, the data should be kept secure and away from public servers.
....
....
 
  • Like
Reactions: Mariihh

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top