Open-source ransomware, RATs deployed on compromised TeamCity servers

A JetBrains TeamCity authentication bypass vulnerability is being leveraged to deploy open-source ransomware, remote access tools (RATs), cryptominers and Cobalt Strike beacons, according to Trend Micro research published Tuesday. Jasmin ransomware, SparkRAT backdoors and XMRig cryptocurrency miners were among the post-exploitation payloads observed by Trend Micro, with the first signs of active exploitation appearing one day after the vulnerability was disclosed, Trend Micro researchers told SC Media.

Source: SC Magazine

 


Date:

Categorie(s):