Advisories

Discover Hacks/Cracks News

New Cryptojacking Malware Targeting Apache, Oracle, Redis Servers

New Cryptojacking Malware Targeting Apache, Oracle, Redis Servers

The evasive new Pro-Ocean cryptojacking malware is sidestepping security defenses and targeting Apache, Oracle and Redis servers.

A financially-motivated threat actor notorious for its cryptojacking attacks has leveraged a revised version of their malware to target cloud infrastructures using vulnerabilities in web server technologies, according to new research.

Deployed by the China-based cybercrime group Rocke, the Pro-Ocean cryptojacking malware now comes with improved rootkit and worm capabilities, as well as harbors new evasion tactics to sidestep cybersecurity companies' detection methods, Palo Alto Networks' Unit 42 researchers said in a Thursday write-up.

"Pro-Ocean uses known vulnerabilities to target cloud applications," the researchers detailed. "In our analysis, we found Pro-Ocean targeting Apache ActiveMQ (CVE-2016-3088), Oracle WebLogic (CVE-2017-10271) and Redis (unsecure instances)."

Please enable / Bitte aktiviere JavaScript!
Veuillez activer / Por favor activa el Javascript![ ? ]

We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.