Crypto Mining Malware Targeting Linux Servers

It has been reported that a coin-mining malware infection previously only seen on Arm-powered IoT devices has made the jump to Intel systems. Akamai senior security researcher Larry Cashdollar says one of his honeypot systems recently turned up what appears to be an IoT malware that targets Intel machines running Linux. It is fine-tuned for intel processors by establishing a SSH (port 22) connection and deliver it as a gzip archive. It creates three different directories with different versions of the same files. Each directory contains a variation of the XMrig v2.14.1 cryptocurrency miner in either x86 32bit or 64bit format and some of the binaries are named after popular UNIX utilities such as ps to make it harder to detect.

 


EXPERTS COMMENTS
Gavin Millard , VP of intelligence ,  Tenable
September 03, 2019
It's often said that when it comes to basic cyber hygiene that you don't have to run as fast as a bear.
As with other similar attacks, this latest malware capitalises on the abundance of low hanging fruit of default credentials and user names with simple passwords. As we’ve learned over the last 15 to 20 years, there are far too many systems connected to the internet with this type of access which will be easily popped and CPU cycles monetised. Admins must know the exposure of every externally f ....
[Read More >>]

If you are an expert on this topic:

Dot Your Expert Comments

SUBSCRIBE to alert when new comments are posted on this news. :




In this article