Attackers Target ProxyLogon Exploit to Install Cryptojacker
Quote: Cryptojacking can be added to the list of threats that face any unpatched Exchange servers that remain vulnerable to the now-infamous ProxyLogon exploit, new research has found.
 
Researchers discovered the threat actors using Exchange servers compromised using the highly publicized exploit chain—which suffered a barrage of attacks from advanced persistent threat (APT) groups to infect systems with everything from ransomware to webshells—to host Monero cryptomining malware, according to a report posted online this week by SophosLabs.
 
“An unknown attacker has been attempting to leverage what’s now known as the ProxyLogon exploit to foist a malicious Monero cryptominer onto Exchange servers, with the payload being hosted on a compromised Exchange server,” Sophos principal researcher Andrew Brandt wrote in the report.
 
Researchers were inspecting telemetry when they discovered what they deemed an “unusual attack” targeting the customer’s Exchange server. Sophos researchers Fraser Howard and Simon Porter were instrumental in the discovery and analysis of the novel threat, Brandt acknowledged.
 
Researchers said they detected the executables associated with this attack as Mal/Inject-GV and XMR-Stak Miner (PUA), according to the report. Researchers published a list of indicators of compromise on the SophosLabs GitHub page to help organizations recognize if they’ve been attacked in this way.

Read more: Attackers Target ProxyLogon Exploit to Install Cryptojacker | Threatpost