윈도우즈, 리눅스 서버를 XMRig Miner로 감염시키는 Golang 멀웨어

• 새로 발견되고 자체 확산되는 Golang 기반 악성 소프트웨어는 12월 초부터 윈도우와 리눅스 서버의 XMRig 가상화폐 광부들을 적극적으로 투하하고 있습니다.

• 이 서비스는 MySQL, Tomcat 관리 패널 및 Jenkins와 같은 약한 암호를 사용하는 공개 서비스를 대상으로 합니다.

• 분석 중, 연구원들은 공격자가 명령 및 제어 서버에서 웜을 계속 업데이트한다는 것을 발견했습니다. 웜은 활성 상태이며 향후 업데이트 시 취약한 추가 서비스를 대상으로 할 수 있습니다.

New worm turns Windows, Linux servers into Monero miners [www.bleepingcomputer.com]

New Golang worm turns Windows and Linux servers into monero miners [www.scmagazine.com]

Windows and Linux servers turned into crypto miners [www.techradar.com]

Golang malware infecting Windows, Linux servers with XMRig miner [www.hackread.com]

newest replies popular replies

Open Wiki - Feel free to edit it. -

1/2 '21 answered

A newly discovered and self-spreading Golang-based malware has been actively dropping XMRig cryptocurrency miners on Windows and Linux servers since early December.https://t.co/cOxAq43o7k
— Adam Levin (@Adam_K_Levin) December 30, 2020

Typical FUD from clueless and/or dishonest media looking to blame "Linux" (or make it look as awful as back-doored Windows) because some admins misconfigure stuff or choose terrible passwords https://t.co/Dnts9mshfY
— Dr. Roy Schestowitz (罗伊) (@schestowitz) January 1, 2021

New #Golang worm drops XMRig on Windows and Linux servers. FUD in VirusTotal.
Targets WebLogic, Tomcat, Jenkins and MySQL using vulns. For example - attempted to exploit WebLogic’s CVE-2020-14882.

Full IOCs here - https://t.co/7gsRk5GmA6 @AbbyMCH ? pic.twitter.com/4Z4DkuQALZ
— Ari Eitan (@arieitan) December 29, 2020

Early bird catches the Golang worm.

New #Golang worm drops #XMRigMiner on Windows and Linux servers. Targets public facing services: MySQL, Tomcat, Jenkins and WebLogic.

Undetected in VirusTotalhttps://t.co/jzO2IBtH1I pic.twitter.com/15COFKzjNz
— Intezer (@IntezerLabs) December 29, 2020

A newly discovered and self-spreading Golang-based malware has been actively dropping XMRig cryptocurrency miners on Windows and Linux servers since early December.https://t.co/cOxAq43o7k
— Adam Levin (@Adam_K_Levin) December 30, 2020

New worm turns Windows, Linux servers into Monero miners https://t.co/VgLl3Lj2Xh
— The Cyber Security Hub™ (@TheCyberSecHub) December 30, 2020

Golang malware infecting Windows, Linux servers with XMRig miner #Cybersecurity #security #ux https://t.co/rRUR3sfB3E
— Bob Carver ✭ (@cybersecboardrm) December 31, 2020

permanent link

Open Wiki - Feel free to edit it. -

1/2 '21 answered

A new Golang-based worm has been actively dropping XMRig cryptocurrency malware on Windows and Linux servers since early December, mining Monerohttps://t.co/SqEpaMLnzL
— Gregg Housh (@GreggHoush) January 1, 2021

Golang malware infecting Windows, Linux servers with XMRig miner#cybersecurity #phishing #malware #Infosec #cyberthreats #ramsomware #hacking #databreach #dataprotection #privacy #dataleak #cyberattacks https://t.co/KnAItLWXfV pic.twitter.com/WYws3KojRO
— Paula Piccard ?? ?? (@Paula_Piccard) January 1, 2021

permanent link

Reply with curations

Related

Featured