BlackSquid Malware Infects Servers to Install Monero Cryptojacking Software

Cybersecurity firm Trend Micro announced that it found a malware dubbed BlackSquid that infects web servers employing eight different security exploits and installs mining software. The findings were announced in a blog post published on June 3.

Per the report, the malware targets web servers, network drives and removable drives using eight different exploit and brute force attacks. More precisely, the software in question employs “EternalBlue; DoublePulsar; the exploits for CVE-2014-6287, CVE-2017-12615, and CVE-2017-8464; and three ThinkPHP exploits for multiple versions.”

While the sample acquired by Trend Micro installs the XMRig monero (XMR) Central Processing Unit-based mining software, BlackSquid could also deliver other payloads in the future. According to Trend Micro data, most of the instances of the malware in question have been detected in Thailand and the United States.

The malware can reportedly infect a system via three different routes: through a website hosted on an infected server, exploits, and removable or network drives. BlackSquid also cancels the infection protocol if it detects that the username, device driver or the disk drive model suggests that the software is running in a sandbox environment.

As Cointelegraph recently reported, as many as 50,000 servers worldwide have allegedly been infected with an advanced cryptojacking malware that mines the privacy-focused open source cryptocurrency turtlecoin (TRTL).

At the beginning of May, Trend Micro also noted that cybercriminals are now exploiting known vulnerability CVE-2019-3396 for crypto mining in the software Confluence, a workspace productivity tool made by Atlassian.



Author: Cointelegraph By Adrian Zmudzinski

Source link

Related posts

12 Thoughts to “BlackSquid Malware Infects Servers to Install Monero Cryptojacking Software”

  1. … [Trackback]

    […] Info to that Topic: tradingbtc.com/2019/06/04/blacksquid-malware-infects-servers-to-install-monero-cryptojacking-software/ […]

  2. … [Trackback]

    […] Read More Info here to that Topic: tradingbtc.com/2019/06/04/blacksquid-malware-infects-servers-to-install-monero-cryptojacking-software/ […]

  3. … [Trackback]

    […] Info to that Topic: tradingbtc.com/2019/06/04/blacksquid-malware-infects-servers-to-install-monero-cryptojacking-software/ […]

  4. … [Trackback]

    […] Information to that Topic: tradingbtc.com/2019/06/04/blacksquid-malware-infects-servers-to-install-monero-cryptojacking-software/ […]

  5. … [Trackback]

    […] Read More here to that Topic: tradingbtc.com/2019/06/04/blacksquid-malware-infects-servers-to-install-monero-cryptojacking-software/ […]

  6. sbo

    … [Trackback]

    […] There you can find 10091 more Info to that Topic: tradingbtc.com/2019/06/04/blacksquid-malware-infects-servers-to-install-monero-cryptojacking-software/ […]

  7. … [Trackback]

    […] Here you will find 79893 additional Info to that Topic: tradingbtc.com/2019/06/04/blacksquid-malware-infects-servers-to-install-monero-cryptojacking-software/ […]

  8. … [Trackback]

    […] Read More here on that Topic: tradingbtc.com/2019/06/04/blacksquid-malware-infects-servers-to-install-monero-cryptojacking-software/ […]

  9. … [Trackback]

    […] Here you will find 58835 more Information to that Topic: tradingbtc.com/2019/06/04/blacksquid-malware-infects-servers-to-install-monero-cryptojacking-software/ […]

  10. … [Trackback]

    […] Read More Information here to that Topic: tradingbtc.com/2019/06/04/blacksquid-malware-infects-servers-to-install-monero-cryptojacking-software/ […]

  11. … [Trackback]

    […] Find More on that Topic: tradingbtc.com/2019/06/04/blacksquid-malware-infects-servers-to-install-monero-cryptojacking-software/ […]

  12. … [Trackback]

    […] Find More on that Topic: tradingbtc.com/2019/06/04/blacksquid-malware-infects-servers-to-install-monero-cryptojacking-software/ […]

Leave a Comment