RATE Group | Ghost blogging platform hit by cryptocurrency mining attack
87462
post-template-default,single,single-post,postid-87462,single-format-standard,ajax_fade,page_not_loaded,,qode_grid_1300,side_area_uncovered_from_content,footer_responsive_adv,qode-content-sidebar-responsive,qode-child-theme-ver-1.0.0,qode-theme-ver-13.3,qode-theme-bridge,wpb-js-composer js-comp-ver-7.9,vc_responsive
 

Ghost blogging platform hit by cryptocurrency mining attack

05 May Ghost blogging platform hit by cryptocurrency mining attack

Posted at 03:01h in Cryptocurrency News by

A vulnerability in the Salt management framework was exploited by attackers to install cryptocurrency mining software on the popular Ghost blogging platform, the company said in a notice on its website.

In a statement, which has seen constant updates since it was first posted on 4 May AEDT, Ghost first reported an outage, and then said it had been fixed.

Later, the company said there had been an attempt to mine cryptocurrency on its servers, which led to a spike in CPU usage and a subsequent outage.

It identified the flaw that had been exploited and said it affected both the Ghost(pro) sites and the Ghost.org billing services.

The company said no credit card information had been affected and no credentials were stored in plaintext.

“There is no direct evidence that private customer data, passwords or other information has been compromised,” it added. “All sessions, passwords and keys are being cycled and all servers are being re-provisioned.”

Commenting on the…

Source link

Tags:
, , , , , ,