Azure Security Center exposes crypto miner campaign

added by DotNetKicks
4/8/2019 6:09:24 PM


Yaniv Zohar Security Researcher and Software Engineer, Azure Security Center Azure Security Center discovered a new cryptocurrency mining operation on Azure customer resources. This operation takes advantage of an old version of known open source CMS, with a known RCE vulnerability ( CVE-2018-7600) as the entry point, and then after using the CRON utility for persistency, it mines "Monero" cryptocurrency using a new compiled binary of the "XMRig" open-source crypto mining tool.