New Cryptojacking Malware Targeting Apache, Oracle, Redis Servers
1 min read
Feb 01, 2021
The evasive new Pro-Ocean cryptojacking malware is sidestepping security defenses and targeting Apache, Oracle and Redis servers.
A financially-motivated threat actor notorious for its cryptojacking attacks has leveraged a revised version of their malware to target cloud infrastructures using vulnerabilities in web server technologies, according to new research.
Deployed by the China-based cybercrime group Rocke, the Pro-Ocean cryptojacking malware now comes with improved rootkit and worm capabilities, as well as harbors new evasion tactics to sidestep cybersecurity companies' detection methods, Palo Alto Networks' Unit 42 researchers said in a Thursday write-up.
"Pro-Ocean uses known vulnerabilities to target cloud applications," the researchers detailed. "In our analysis, we found Pro-Ocean targeting Apache ActiveMQ (CVE-2016-3088), Oracle WebLogic (CVE-2017-10271) and Redis (unsecure instances)."
The link for this article located at The Hacker News is no longer available.
Related Articles
1 - 0 min read
Spectre V2: A New Threat to Linux Systems
1 - 0 min read
Hacked VMs Reveal New Attack Risks
1 - 0 min read
Multiple Chromium DoS, Info Disclosure Vulns Fixed [Updated]
