Saturday, July 24, 2021

Cybercriminals Exploit Microsoft Exchange Servers to Install Cryptojacking Malware

Cybercriminals continue to exploit unpatched Microsoft Exchange servers. Cybersecurity researchers at Sophos report that an unknown attacker has been trying to use the ProxyLogon exploit to install a malicious Monero crypto-miner on Exchange servers, with the payload hosted on a compromised Exchange server.

Cyber attackers are scanning the Internet for vulnerable Microsoft Exchange servers that they can exploit to mine cryptocurrency. “Free money for attackers,” warn cybersecurity researchers.

Monero is not as valuable as Bitcoin, but it is easy to install and, especially for cybercriminals, provides a lot of anonymity, which makes the wallet owner, and therefore those behind the attack, difficult to track.

Cybersecurity researchers at Sophos reported that the Monero wallet of the threat actor behind the attack began earning money on March 9 (the Patch Tuesday when Exchange updates were released as part of the update cycle), coinciding with the time when researchers first saw the attack.

Over time, the attacker lost several servers and the cryptomining output declined, but the attacker then gained new servers that more than made up for the initial loss, Sophos reported.

While the risk posed by cryptocurrency miners may not sound as bad as hacking or loss of sensitive data, it is still a concern for organizations.

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

