Proxyjacking, cryptomining against Selenium Grid servers escalate

13 September 2024

Threat actors part of the proxyjacking campaign exploited Selenium Grid servers’ “goog:chromeOptions” configuration to facilitate deployment of a base64-encoded Python script, which enabled the retrieval of an open-source GSocket reverse shell and the eventual deployment of the IPRoyal Pawns residential proxy service and EarnFM proxyware tool, reported Cado Security researchers.

Source: SC Magazine

Date:

13 September 2024

Categorie(s):

NEWS

Tag(s):

IT, News, Selenium Grid

Criminals open DocuSign’s Envelope API to make BEC special delivery5 November 2024
Biden administration prepares second executive order on cybersecurity5 November 2024
Link Index for Customer Identity and Access Management5 November 2024
Technical debt, multi-cloud complexity hinder modern tech adoption5 November 2024
FBI Seeks Public Help to Identify Chinese Hackers Behind Global Cyber Intrusions5 November 2024