Atlassian Confluence Data Center and Confluence Server used to carry a maximum severity vulnerability that allowed threat actors to remotely run any malicious code.
Despite the fix being available for months now, there are many unprotected endpoints out there.
As a result, hackers have been observed installing cryptocurrency miners on these devices, raking up huge electricity bills to the victims, as well as rendering their devices practically unusable.
Fighting for control
This is according to a new report from cybersecurity researchers Trend Micro. Published earlier this week, the report argues that crooks are competing with one another, deleting and installing cryptominers regularly.
The vulnerability is tracked as CVE-2023-22527. It is a critical, 10/10 severity flaw that allows for remote code execution, and that was patched in mid-January this year. However, since mid-June this year, crooks started scanning for vulnerable instances, dropping the XMRig miner where possible.
BitminerFactory is brought to life by Darrell Houghton, our astute publisher. With a deep-rooted passion for crypto and crypto mining spanning many years, Darrell’s unwavering enthusiasm fuels his daily quest for knowledge. He is eager to share the pivotal news stories of the day while also providing his own analysis and commentary with Bitminer Factory’s readers.
Source: Crypto Mining News - Bing
