The latest critical RCE (remote code execution) vulnerability in Drupal - one of the most popular CMSs today - piqued the attackers’ interest who, in turn, harnessed recent exploits of this vulnerability to carry out various web application attacks. In this post, we touch on yet another cryptojacking technique distributing the mining effort beyond the targeted web application servers and internal network and reaching future visitors of the attacked web applications. The above-mentioned attacks, part of the recent cryptojacking attack trend, are quickly becoming fashionable among web attackers – harnessing vulnerable machines as miners in their digital cave. ![]() In our recent cryptojacking blog posts we covered a wide range of cryptojacking attack techniques, ranging from infecting a single target to a worm-like infection of the connected networks operating as miners farms. In accordance with the latest dark web app hype, it wasn’t long until we started picking up cryptojacking exploit attempts directed at remote servers as well. ![]() It’s been a month since the first Drupalgeddon 2.0 RCE (SA-CORE-2018-002/ CVE-2018-7600) exploit was first published, unleashing its destruction into the wild…and through our cloud monitoring systems.Īs expected, since then we’ve been picking up various attack variants piggybacking on the Drupalgeddon 2.0 exploit, including remote scanners and backdoor attempts.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |