Open-source ransomware, RATs deployed on compromised TeamCity servers

20 March 2024

A JetBrains TeamCity authentication bypass vulnerability is being leveraged to deploy open-source ransomware, remote access tools (RATs), cryptominers and Cobalt Strike beacons, according to Trend Micro research published Tuesday. Jasmin ransomware, SparkRAT backdoors and XMRig cryptocurrency miners were among the post-exploitation payloads observed by Trend Micro, with the first signs of active exploitation appearing one day after the vulnerability was disclosed, Trend Micro researchers told SC Media.

Source: SC Magazine

Date:

20 March 2024

Categorie(s):

NEWS

Tag(s):

IT, News, Ransomware, RATs, TeamCity

A week in security (April 22 – April 28)29 April 2024
Okta Warns of Credential Stuffing Attacks Using Proxy Services29 April 2024
Android Malware Brokewell With Complete Device Takeover Capabilities29 April 2024
Fileless .NET Based Code Injection Attack Delivers AgentTesla Malware29 April 2024
Prompt Fuzzer: Open-source tool for strengthening GenAI apps29 April 2024