RATE Group | Threat Actors Exploit New Drupal Flaw to Deliver Cryptocurrency Mining Malware
36214
wp-singular,post-template-default,single,single-post,postid-36214,single-format-standard,wp-theme-bridge,wp-child-theme-bridge-child,ajax_fade,page_not_loaded,,qode_grid_1300,side_area_uncovered_from_content,footer_responsive_adv,qode-content-sidebar-responsive,qode-child-theme-ver-1.0.0,qode-theme-ver-13.3,qode-theme-bridge,wpb-js-composer js-comp-ver-7.9,vc_responsive
 

Threat Actors Exploit New Drupal Flaw to Deliver Cryptocurrency Mining Malware

24 Jul Threat Actors Exploit New Drupal Flaw to Deliver Cryptocurrency Mining Malware

Posted at 00:57h in Cryptocurrency News by

[ad_1]

Back in March 2018, Drupal security teams fixed CVE-2018-7600 (also known as Drupalgeddon 2) and discovered another vulnerability (CVE-2018-7602) that could be exploited to deliver cryptocurrency mining malware in the process. Attacks against sites leveraging the open source content management system began just hours after the CVE-2018-7602 patch was released, giving site owners and operators little time to respond, Bleeping Computer reported in April 2018.

While the patch effectively curtails this crypto-mining effort, not all companies have implemented the fix.

How the Drupal Flaw Facilitates Cryptocurrency Mining

Monero mining is the aim of cybercriminals leveraging CVE-2018-7602. With 85 percent of all crypto-mining attacks now using Monero — and thieves grabbing more than $175 million from malicious mining techniques — it’s no surprise cybercriminals are exploiting this longstanding Drupal flaw to move more of the digital currency.

The method here is remote code execution…

[ad_2]

Source link