Hackers exploit old HTTP File Server to install Monero miners

As an experienced cybersecurity analyst, I find this news deeply concerning. The exploitation of older versions of Rejetto’s HTTP File Server (HFS) by hackers to install Monero mining malware and other malicious software is a significant threat to organizations and individuals using these outdated versions.

As a researcher, I’ve come across concerning reports of hackers taking advantage of unpatched vulnerabilities in outdated variations of Rejetto’s HTTP File Server. These attackers are using this weakness to deploy Monero mining malware as well as other harmful software on affected systems.

According to BleepingComputer’s latest findings, cybercriminals have discovered a method to misuse outdated editions of the HTTP File Server (HFS) software, which is utilized for distributing and making files accessible, to install malevolent Monero cryptocurrency miners. This information comes from AhnLab, a leading cybersecurity firm.

A critical vulnerability discovered in HFS versions 2.3 and below has given rise to an exploit. This exploit empowers cybercriminals to issue unauthenticated remote commands at will, making it simple for them to seize control.

According to reports from AhnLab, cybercriminals have been identified as using a range of malicious tools in their attacks beyond just system intrusion. Some of these tools include XMRig, which is designed for mining Monero (XMR), and remote access trojans (RATs) such as XenoRAT and Gh0stRAT. The extent of these attacks and the total amount of Monero mined are currently unknown.

According to reports, Rejetto acknowledged the security vulnerability, or “exploit,” by issuing warnings. The affected software versions were identified as 2.3m through 2.4, which Rejetto urged users to avoid due to their dangerous nature. It is recommended that these outdated versions no longer be used.

Cybercriminals commonly choose to install XMRig on compromised systems because Monero’s robust privacy features make Monero transactions challenging to track. The versatility and efficiency of XMRig enable it to operate on various hardware types, while its open-source code makes customization simple. Furthermore, this mining software can run inconspicuously in the background of a computer’s processes, reducing the likelihood of detection.

Read More

2024-07-05 14:59