A new cryptojacking malware reportedly has the ability to disable cloud-based security measures to avoid detection on Linux-based servers.
The malware in question mines Monero (XMR) and is reportedly a modified version of one used by the so-called “Rocke” group, originally discovered by cybersecurity firm Talos in August last year. According to the research, one of the first things that the malware does is check for other cryptocurrency mining processes and add firewall rules to block any other cryptojacking malware.
The virus reportedly also searches for cloud security services by Chinese internet giants Tencent and Alibaba and neutralizes them in an attempt to remain concealed. Ryan Olson, vice president for threat intelligence at Palo Alto Networks explained:
“This evolution indicates that attackers who are compromising hosts operating in cloud platforms are now attempting to evade security products that are specific to those platforms.”
The virus also reportedly takes advantage of known vulnerabilities in older versions of Apache Struts 2, Oracle WebLogic and Adobe ColdFusion to infect the systems. Still, keeping the software updated to the latest version prevents the attack, according to the report.
As Cointelegraph reported in December last year, cryptojacking malware activity rose by over 4000 percent in 2018, according to a new quarterly report published by cybersecurity firm McAfee Labs.
According to another report published the same month, 415,000 MikroTik routers had been affected by cryptojacking malware at that time, double the number of infected devices since last summer.
Source: , CoinTelegraph
Articles listed with Cash Tech News as the author are either general information, or may have been imported from another website, to bring our readers a rich media experience that encompasses articles that we find interesting, as well as those curated by others.
The views and opinions expressed here are for informational purposes only, and should not be confused with professional financial advice. These opinions are solely those of the author and do not necessarily reflect the views of CashTechNews.com. Every investment and trade involves risk. You should conduct your own research, and contact your professional financial advisor before making any investment.
Corrections, feedback, and ideas should be submitted through the website contact form.