Friday, October 15, 2021

Cybercriminals are Doing Microsoft Exchange Exploitation by installing Cryptojacking

Must Read

China Released New Law Regarding vulnerability disclosure rules

The Cyberspace Administration of China (CAC) Released a New Law Regarding vulnerability disclosure rules that mandate security researchers to...

Critical ThroughTek vulnerability attackers access Millions of Connected Cameras

The U.S. Cybersecurity and Infrastructure Security Agency (CISA), on Friday, Issued an advisory about a critical vulnerability in the...

Attacks Maybe about to Make even more Harmful and Tumultuous

Cybercriminals continue to be successfully running ransomware campaigns while requiring higher ransoms than ever - and things might be...

Cybercriminals continue to exploit Microsoft Exchange unpatched servers. Cybersecurity investigators at Sophos report an unknown attack after trying to use ProxyLogon to exploit the malicious Monero crypto-miner from Exchange servers, while a paid load is held on the damaged Exchange server.

Cyber ​​attackers are scanning the Internet for compromising Microsoft Exchange servers that can exploit us to create a cryptocurrency. “Free money for attackers,” warns cybersecurity researchers.

Monero is not valuable as Bitcoin, but it is easy to install and, especially for cybercriminals, provides a lot of anonymity, which makes the wallet owner – and those who follow the attack – difficult to track.

Cybersecurity investigators in Sophos reported that the Monero wallet of the threat actor after the attack began earning money on March 9 (Patch Tuesday when Exchange updates were released as part of the review cycle), coinciding with a time when researchers first saw the attack.

Over time, the attacker lost several servers and the outcome of the crypto mines declined, but then he acquired more new ones than he did with the initial loss, Sophos reported.

While the risk of cryptocurrency miners may not sound as bad as hacking or loss of sensitive data, there is still a concern for organizations.

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

Leave a reply

Please enter your comment!
Please enter your name here

Latest News

Unified endpoint management automation software to boost endpoint security

Endpoints are constantly connected to the internet, so they offer a gateway for cyberattacks. Endpoint security is simply the process...

Attackers Using Morse Code in phishing campaign to Evade Detection

Microsoft on Thursday revealed the techniques used by attackers to avoid detection using morse code in the phishing campaign.Microsoft also revealed the workings of...

Murata Manufacturing suffers data breach of employees and customer

Japanese electronic components manufacturer Murata has released an apology Notice for the data breach of thousands of files in June that contained bank account...

Everything about Signalling System 7(SS7)

Signaling System 7 (SS7) is an international telecommunication protocol standard that controls and regulates the network elements in a public switched telephone network (PSTN)....

Zimbra flaw lets attackers access the mail servers

Researchers discovered a flaw in the open-source Zimbra code. As a result, an attacker would gain unrestricted access to all sent and received emails...

More Articles Like This