Oracle Weblogic Exploit to Deploy Monero Miner

11 January 2018

Oracle WebLogic application server is vulnerable to cryptocurrency mining. The security researcher has found this exploit to mine monero coins in the compromised machine.

This critical bug allows hackers to run arbitrary commands with WebLogic server with user privileges.

The vulnerability (CVE 2017-10271) was present in the WebLogic Web Services component (wls-wsat) and due to lack of improperly user input sanitizing which allow an unauthenticated remote attacker to install and run crypto miners and hijacking their processing power to mine Monero coins makes the spike in CPU usage.

The attackers begun using Chinese security researcher Lian Zhang published a proof-of-concept exploit in December, says Johannes Ullrich, dean of research for SANS Technology Institute.

Read full news article on GBHackers

Date:

11 January 2018

Categorie(s):

NEWS

Tag(s):

Deploy, Miner, Monero, Oracle, Security, Vulnerability

Leveraging Big Data for Enhanced Cybersecurity Solutions3 May 2024
BlackBerry CylanceMDR improves cybersecurity defensive strategy3 May 2024
New Guide Explains How to Eliminate the Risk of Shadow SaaS and Protect Corporate Data3 May 2024
Indonesia is a Spyware Haven, Amnesty International Finds3 May 2024
FortiGate 200G series boosts campus connectivity for Wi-Fi 73 May 2024