News

New Golangbased Windows Linux December Monerogatlanbleepingcomputer

Introduction

New Windows December Monerogatlanbleepingcomputer – As per the study by www.bleepingcomputer.com, A newly discovered and self-popularity Golang-based malware has also been actively dropping XMRig cryptocurrency miners on Windows and Linux servers since early December.

Hence, this multiple-platform malware also has worn capabilities that allow it to spread to other systems by brute forcing public-facing services (i.e., MySQL, Tomcat, Jenkins and WebLogic) with weak passwords. The attackers behind this campaign have been actively updating the worm’s capabilities through its command and control server since it was first spotted, which hints at an actively maintained malware.

Additionally, C2 servers host bash or PowerShell dropper script (depending on the target platform), a Golang-based binary worm, and XMRig miners implemented to surreptitiously my untraceable Monero cryptocurrency on infected devices. The ELF worm binary and bash dropper script have not been detected on VirusTotal at the time of this post.

New Windows December Monerogatlanbleepingcomputer

As per the research by www.techmeme.com, a New Golang-based worm has been actively launching XMRigs cryptocurrency malware on Windows and Linux servers since early December, mining Monero: A newly discovered, self-propagating Golang-based malware has been actively launching XMRig cryptocurrency miners on Windows servers and Linux since the beginning of December. December.

New Windows December Monerogatlanbleepingcomputer – The fact that the worm code is almost identical for both PE and ELF malware, and that ELF malware goes undetected by VirusTotal, demonstrates that Linux threats continue to go undetected by most security and detection platforms,” he added. Mechtinger.

Hence, To defend against brute force attacks launched by this new cross-platform worm, you should limit logins and use hard-to-guess passwords on all services exposed to the Internet, as well as two-factor authentication wherever possible.

New Golangbased Xmrig Windows December Monerogatlanbleepingcomputer

As per the study by www.hackread.com, The Multi-platform malware is a bit more dangerous than others, as it could infect multiple operating systems simultaneously. An example of one of the latter is Golang-based malware.

New Windows December Monerogatlanbleepingcomputer – The new Goland Based XMRig malware has been actively installing. The XMRig miner on Windows and Linux servers since early December 2020 to mine cryptocurrency.

However, These servers that Monero Gatlan Bleeping computer are targeted based on the facts. That they are facing the public in the form of MySQL databases or Tomcat admin panels. For example, combined with poor security practices.

Discovered by cybersecurity researchers at Intezer, The malware operates with the help of 3 main files that reside on a C2 server:

  • A Bash or Powershell-based script to remove the malware
  • A Golang-based binary worm
  • The XMrig miner itself

So, Since the first 2 (the ones for the Linux version) have not been detected by virus scanning platforms like VirusTotal, it shows us that it has successfully bypassed security filters.

New Xmrig Windows Linux December Monerogatlanbleepingcomputer

A new worm written in Golang turns Windows and Linux servers into miners for the Monero cryptocurrency.

According to the study by www.scmagazine.com, In a blog post on Wednesday, Intezer researchers said the worm spreads through the network to run XMRig Miner, a monero cryptocurrency miner, on a large scale. The malware targets Windows and Linux servers and can easily manoeuvre from one platform to another. It targets public services like MySQL, Tomcat admin panel, and Jenkins with weak passwords. In an earlier version, the worm also attempted to exploit the latest WebLogic vulnerability: CVE-2020-14882.

Furthermore, During their analysis, the researchers discovered that the attacker kept updating the worm on the command and control server. Indicating that it is active and could target additional weak configured services in future updates.

Hence, the attack uses three files: a dropper script (bash or powershell), a Golang binary worm. And an XMRig Miner, all hosted on the same command and control server.

Golangbased Xmrig Windows Linux December Monerogatlanbleepingcomputer

As per the study by www.securityaffairs.co, the experts from Intezar discovered a new, self-spreading Golangbased malware that targets windows and Linux servers. So, the malware was actively seen in December, targeting public services. However, MySQL, Tomcat admin panel and Jenkins are protects with weak passwords.

So, the worm spreads by scanning the systems and running credentials, spraying brute force attacks. The malware leverages a hardcoded dictionary with weak credentials for the attack.

However, Experts pointed out that the older version of the worm also attempted to exploit the CVE-2020-14882 WebLogic vulnerability. Hence, the attacks observed by the experts use three files hosted on the same C&C, a dropper script (bash or powershell), a Golang-binary worm, and the XMRig Miner. The threat actors behind this campaign have been actively updating the malicious code.

The experts detailed the attack chain for Linux and Windows servers. And they also provided the following list of precautions to prevent brute force attacks and vulnerability exploitation:

  • Use complex passwords, limit login attempts, and 2FA (two-factor authentication) if possible.
  • Minimize your use of utilities.
  • So, to keep your software up to date with the latest security patches.
  • Use a Cloud Workload Protection Platform (CWPP) such as Intezer Protect to get complete runtime visibility into the code in your system and receive alerts on any malicious or unauthorized code. We have a free community edition

Conclusion

In my content, I want to describe that New Windows December Monerogatlanbleepingcomputer. New Golang-based worm has been actively launching XMRigs cryptocurrency malware on Windows and Linux servers since early December, mining Monero. A newly discovered, self-propagating Golang-based malware has been actively launching XMRig. Cryptocurrency miners on Windows servers and Linux since the beginning of December.

Also Read: Actzero 40m Point72 Smbslundentechcrunch

Related Searches:

Bleeping computer

Bleeping computer downloads

Astralocker

Bleeping computer ransomware

Bleeping computer combofix windows 10

The hacker news

Bleeping computer adwcleaner

Is bleepingcomputer safe reddit

Bleeping computer downloads

Computer kill Bleeping

The hacker news

Bleeping computer ransomware

Bleeping computer twitter

computer security Bleeping

Bleeping computer ransomware

Cyber security news

Bleeping computer downloads

Computer Twitter Bleeping

Bleeping computer rss

The hacker news

Computer combofix windows 10 Bleeping

Bleeping computer malwarebytes

Vigor Business

Share
Published by
Vigor Business

Recent Posts

logo:38o-de4014g= Ferrari: Every Kind Of Information About This

One immediately thinks of Ferrari when one is thinking about high-end sports vehicles. This recognizable… Read More

September 25, 2024

Color:jbdxffqdw74= White in Modern Design: A Complete Guide

In the world of design, color:jbdxffqdw74= There is no doubt that white serves many functions;… Read More

August 23, 2024

Benefits of watching movies on the Filmy 4 Wap in platform

All About Filmy 4 Wap Filmy 4 Wap  - In the world of virtual media… Read More

July 31, 2024

Economic Expansion – Growth, Solutions, and More

Introduction Economic expansion is the increase in the production of goods and services for the… Read More

April 22, 2024

In Wordle 209 – Play Wordle and More

Introduction In this article, you will find the Wordle answer for today, January 14, 2022.… Read More

April 22, 2024

Minitv Amazon Indiasinghtechcrunch

Introduction Minitv Amazon Indiasinghtechcrunch - Since, the Amazon has long maintained that its video streaming… Read More

April 22, 2024