Hackers Net Thousands in Monero Thanks to Vulnerability in Network Weathermap Plugin

THELOGICALINDIAN - US security firm Trend Micro has discovered a Monero cryptomining attack targeting Linux servers. The latest attack has been linked to an earlier 3 million USD Windows hack.

According to the Trend Micro report, a group has taken advantage of a vulnerability in the Network Weathermap plugin for Cacti. The open-source visualization tool is widely used by ISPs, internet exchanges, telecommunications networks, and Fortune 500 companies to map network activity.

Trend Micro’s Smart Protection Network indicates the hack is still ongoing and primarily affects Network Weathermap users in Japan, Taiwan, China, the U.S., and India. It has discovered two Monero wallets receiving funds from the hack, which had gained illicit crypto-mining proceeds of $74,677 as of March 21st, 2024.

Figure 2. Country distribution of the malicious cryptocurrency-mining campaign

The Network Weathermap attack has been linked to an earlier hack which used JenkinsMiner malware on Windows machines and made hackers at least $3 million USD in Monero.

Trend Micro believes that the hackers may have taken advantage of a security flaw and a delay in the Network Weathermap owners “patching”, or updating, of their open source tool:

The hackers are exploiting CVE-2013-2618, a five-year-old vulnerability in the Network Weathermap system. They have exploited the flaw to gain code execution ability on the underlying servers, installing a customized version of the popular mining software XMRig. The report explains:

As the hack is ongoing, users of the Network Weathermap tool could still be unknowingly mining Monero, which is then being transferred to the hackers’ Monero wallets. According to Trend Micro, victims of the attack will be running Linux x86-64, Cacti, and the outdated Network Weathermap plugin with open access to an internet connection.

Monero is the most anonymous of the leading cryptocurrencies and as such is used widely in attacks of this nature. Monero coins do not have any identifying attributes; all coins are the same. Stolen or illegally mined coins cannot be blocked by exchanges or wallets. Monero user addresses are also hidden by Monero’s use of ring signatures and stealth addresses.

Do you use the Network Weathermap tool? Have you been an unwitting victim of a cryptocurrency mining hack? We’d like to hear your comments.

