As an experienced cybersecurity analyst, I find this news deeply concerning. The exploitation of older versions of Rejetto’s HTTP File Server (HFS) by hackers to install Monero mining malware and other malicious software is a significant threat to organizations and individuals using these outdated versions.
As a researcher, I’ve come across concerning reports of hackers taking advantage of unpatched vulnerabilities in outdated variations of Rejetto’s HTTP File Server. These attackers are using this weakness to deploy Monero mining malware as well as other harmful software on affected systems.
According to BleepingComputer’s latest findings, cybercriminals have discovered a method to misuse outdated editions of the HTTP File Server (HFS) software, which is utilized for distributing and making files accessible, to install malevolent Monero cryptocurrency miners. This information comes from AhnLab, a leading cybersecurity firm.
A critical vulnerability discovered in HFS versions 2.3 and below has given rise to an exploit. This exploit empowers cybercriminals to issue unauthenticated remote commands at will, making it simple for them to seize control.
According to reports from AhnLab, cybercriminals have been identified as using a range of malicious tools in their attacks beyond just system intrusion. Some of these tools include XMRig, which is designed for mining Monero (XMR), and remote access trojans (RATs) such as XenoRAT and Gh0stRAT. The extent of these attacks and the total amount of Monero mined are currently unknown.
According to reports, Rejetto acknowledged the security vulnerability, or “exploit,” by issuing warnings. The affected software versions were identified as 2.3m through 2.4, which Rejetto urged users to avoid due to their dangerous nature. It is recommended that these outdated versions no longer be used.
Cybercriminals commonly choose to install XMRig on compromised systems because Monero’s robust privacy features make Monero transactions challenging to track. The versatility and efficiency of XMRig enable it to operate on various hardware types, while its open-source code makes customization simple. Furthermore, this mining software can run inconspicuously in the background of a computer’s processes, reducing the likelihood of detection.
Read More
- Nadaaniyan song Galatfehmi OUT: Ibrahim Ali Khan, Khushi Kapoor’s heartbreaking separation in love will leave you emotional
- Pop-Tarts and Krispy Kreme Kick Off 2025 With Collaborative Menu
- Cookie Run Kingdom Town Square Vault password
- Alec Baldwin’s TLC Reality Show Got A Release Date And There’s At Least One Reason I’ll Definitely Be Checking This One Out
- The First Trailer for The Weeknd’s ‘Hurry Up Tomorrow’ Film Is Here
- Rick Owens Gives RIMOWA’s Cabin Roller a Bronze Patina
- JJJJound’s Made in Germany adidas Superstars Drop This Week
- Lars Eidinger on Berlin Opener ‘The Light’: “We, the Privileged Wealthy, Are the Problem”
- Ryan Gosling’s Star Wars Movie Here’s Everything We Know
- ‘The Last of Us’ Gets Season 2 Premiere Date
2024-07-05 14:59