Latest news about Bitcoin and all cryptocurrencies. Your daily crypto news habit.
U.S security firm Trend Micro has discovered a Monero crypto-mining attack targeting Linux Servers. The latest attack has been linked to an earlier $3 million USD Windows hack.
According to the Trend Micro report, a group has taken advantage of a vulnerability in the Network Weathermap plugin for Cacti. The open-source visualization tool is widely used by ISPs, internet exchanges, telecommunications networks, and Fortune 500 companies to map network activity.
Hackers Have Made $75,000 USD So Far
Trend Microās Smart Protection Network indicates the hack is still ongoing and primarily affects Network Weathermap users in Japan, Taiwan, China, the U.S, and India. It has discovered two Monero wallets receiving funds from the hack totaling illegal crypto-mining returns of $74,677 as of March 21st, 2018.
The Network Weathermap attack has been connected to an earlier hack which used JenkinsMiner malware on Windows machines and made hackers at least $3 million USD in Monero.
Trend Micro believes that the hackers may have taken advantage of a security flaw and a delay in the Network Weathermap owners āpatchingā, or updating, of their open source tool:
Itās possible these attackers are taking advantage not only of a security flaw for which an exploit is readily available but also ofĀ patch lagĀ that occurs in organizations that use the open-source tool.
The hackers are exploiting CVE-2013-2618, a five-year-old vulnerability in the Network Weathermap system. They have exploited the flaw to gain code execution ability on the underlying servers, installing a customized version of legitimate mining software XMRig. The report explains:
Itās also a classic case of reused vulnerabilities, as it exploits a rather outdated security flaw whose patch has been available for nearly five years.
Users May Still Be Inadvertently Mining Monero
As the hack is ongoing, users of the Network Weathermap tool could still be inadvertently mining Monero, which is then being transferred to the hackersā Monero wallets. According to Trend Micro, victims of the attack will be running Linux x86-64, Cacti, and the outdated Network Weathermap plugin with open access to an internet connection.
Monero Is the Hackerās Coin of Choice
Monero is the most anonymous of the leading cryptocurrencies and as such is utilized widely in attacks of this nature. Monero coins do not have any identifying attributes, all coins are the same. Stolen, or illegally mined coins cannot be blocked by exchanges or wallets. Monero user addresses are also hidden by Moneroās use of ring signatures and stealth addresses.
Do you use the Network Weathermap tool? Have you been an inadvertent victim of a cryptocurrency mining hack? Weād like to hear your comments.
Images courtesy of iStockPhoto, Trend Micro
The post Hackers Net Thousands in Monero Thanks to Vulnerability in Network Weathermap Plugin appeared first on Bitcoinist.com.
Disclaimer
The views and opinions expressed in this article are solely those of the authors and do not reflect the views of Bitcoin Insider. Every investment and trading move involves risk - this is especially true for cryptocurrencies given their volatility. We strongly advise our readers to conduct their own research when making a decision.