A group of intruders called Rocke infects the server with cloud services of mining viruses for mining cryptocurrency
The Chinese cybercrime group ROCKE began to attack the Apache, Oracle and Redis servers using the Pro-Ocean mining virus. The first to pay attention to analysts Palo Alto Networks.
The virus focuses on Apache Activemq servers, Oracle WebLogic and Redis, while it is able to infect devices automatically and masked independently. Because of these features it is harder to reveal and stop
Join our telegram channel to be aware of the main trends of the crypton.
As soon as the virus finds a vulnerability and settled on the machine, it automatically downloads and installs all malicious software on it through a remote HTTP server.
It is noteworthy that before installing the harmful software is looking for competitors. If it finds other miners, then immediately removes them. The virus then completely switches the load of the central processor of the MONERO crying cryptocurrency (XMR).
XXI century virus
According to the Palo Alto Networks report, the mining virus connects to the pool Pool.MinexMR [.] COM for XMR production. The whole goal of the attack, emphasizes cybersecurity experts, is to use 100% CPU for mining cryptocurrency.
Learn how to trade on the cryptocurrency market together with the BEINCRYPTO partner - Stormgain cryptocurrency exchange
However, in addition to automatic installation and connecting to the mining pool, the virus is also able to fight tools to identify it. For example, malware can delete software designed to identify abnormal activity.
See also: The danger of the attack of the Mainer virus is underestimated
It is worth noting that XMR has long been considered one of the priority coins for "black" mining. The bad glory of cryptocurrencies broke up to such a scale that the US Tax Service promised to pay $ 625 thousand. Anyone who can hack it.
Because of its reputation, some exchanges decided to avoid XMR, removing cryptocurrency from listing. For example, at the end of July, BEINCRYPTO wrote that Coinbase would not include XMR in its listing due to problems with regulation around the coin. Later from XMR secretly got rid of cryptochege ShapeShift.
What do you think? Share with us your thoughts in the comments and join the discussion in our telegram channel.
The POST The Pro-Ocean Mining virus has adapted Apache and Oracle Server for Monero Appeared First On Beincrypto.