Connect with us

Hi, what are you looking for?



Monero-Mining Botnet Exploits Bugs in Oracle WebLogic and Drupal Facebook

A Chinese crypto-mining botnet is taking advantage of vulnerabilities in Oracle WebLogic and Drupal

According to Bleeping Computer, a Chinese botnet has exploited some bugs in Oracle WebLogic, a popular server for running enterprise applications, and content management system Drupal.

Its report cites the findings of Mountain View-based cloud cybersecurity provider Lacework that a new version of the malware.

Dubbed “Muhstik,” the botnet in question has been around since March 2018. It is infamous for attacking Linux-based services like WordPress as well as devices powered by the internet of things (IoT) technology.

Like a slew of similar botnets, Muhstik relies on XMRig, an open-source CPU miner for privacy coin Monero (XMR), for monetization purposes.

The botnet receives an instruction to download the miner from command-and-control (C&C) servers, according to researcher Chris Hall:

“Usually Muhstik will be instructed to download an XMRrig miner and a scanning module. The scanning module is used for growing the botnet through targeting other Linux servers and home routers.”


Based on its malware upload paths, Muhstik was attributed to a Chinese firm. Its C&C also shares that same SSL certificate with a site devoted to a popular anime character.

As reported by U.Today, the Stantinko gang adopted innovative techniques to obfuscate their cryptojacking operations earlier this year.

Last year, French cyberpolice shut down a botnet that was responsible for infecting hundreds of thousands Windows computers around the globe.

News Source


Trending Post


ChainLink is basically very exciting.  Users have to state that it stirs the imagination and passions of the community in ways that other projects...


Senseering offers an IOTA-based solution to create a marketplace for data that can be shared among partners. Senseering’s solution will be used in collaboration...


Cryptocurrency investment is becoming a common trend. In the fourth quarter of the year, when investments are said to start doing well, how are...


VeChain (VET), BTCMVMNT, and Team Zuby have joined forces to create a limited-edition merchandise collection dubbed “Take the Power Back.” The team says the...

Copyright © ELEVENEWS