Oracle Servers Surfaced as Initial Victims of New Crypto Malware
According to reports, security researchers have identified another crypto-mining malware. This one uses a trick that makes it very hard to spot. It installs itself on enterprise application servers, and Oracle servers are its initial victims.
The malware takes advantage of common vulnerabilities and exploits them. Researchers from Trend Micro, a cybersecurity company, identified it in April this year. The malware reportedly attacks Oracle WebLogic servers to install a Monero mining bot.
Reports on the malware first surfaced last week on the SANS ISC InfoSec Forum. Trend Micro researchers verified that the exploit is used to cryptojack insecure servers. To hide, the malware conceals itself in certificate files. As a result, antivirus software and firewalls cannot detect it. In short, it uses an exploit to execute automated commands, which download the malicious certificate file.
Cybersecurity firms note the hackers' plot and ways to evade it
A coding tool reads the certificate so that its name and extension can be changed, producing an updated file. Once the updated file has been executed, the previous certificate files are deleted. Another script is then downloaded and executed automatically.
For the record, the second file downloads and executes crypto miners.
However, the technique of hiding malware in certificate files is not new, as Trend Micro notes. Another cybersecurity company, Sophos, has come forward with a proof of concept. The firm reveals the process to evade such a cyber breach. It shows that Excel files with macros embedded in certificate files can easily detect such breaches.
According to researchers, certificate files look normal to security software. This is why these kinds of malware get through and the software cannot detect them. A certificate file can house malware without a hint of detection.
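The certificate-file disguise described above suggests one defensive check, shown here as an added example that is not from the original article, Trend Micro or Sophos: confirm that a file presented as a certificate really decodes to a DER structure. It assumes PEM-encoded files; the function names and both sample files are constructed for illustration.

```python
import base64
import re

# Assumption: the files under inspection are PEM-encoded certificates.
PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)

def der_length_ok(der: bytes) -> bool:
    """True if der is a single ASN.1 SEQUENCE whose declared length spans all of it."""
    if len(der) < 2 or der[0] != 0x30:      # certificates start with SEQUENCE (0x30)
        return False
    first = der[1]
    if first < 0x80:                        # short-form length
        header, body = 2, first
    else:                                   # long form: low bits give the byte count
        n = first & 0x7F
        if n == 0 or n > 4 or len(der) < 2 + n:
            return False
        header, body = 2 + n, int.from_bytes(der[2:2 + n], "big")
    return header + body == len(der)

def check_pem_certificate(text: str) -> str:
    """Classify a claimed certificate: ok, no-pem-block, bad-base64 or not-der."""
    blocks = PEM_RE.findall(text)
    if not blocks:
        return "no-pem-block"
    for block in blocks:
        try:
            der = base64.b64decode("".join(block.split()), validate=True)
        except ValueError:                  # binascii.Error is a ValueError
            return "bad-base64"
        if not der_length_ok(der):
            return "not-der"
    return "ok"

def wrap_pem(payload: bytes) -> str:
    """Build a constructed sample file with certificate armor around payload."""
    body = base64.encodebytes(payload).decode()
    return "-----BEGIN CERTIFICATE-----\n" + body + "-----END CERTIFICATE-----\n"

# Constructed samples: a well-formed DER shell and a text script in certificate armor.
WELL_FORMED = wrap_pem(bytes([0x30, 0x82, 0x01, 0x00]) + bytes(256))
DISGUISED = wrap_pem(b"echo constructed-sample-not-a-certificate\n")

if __name__ == "__main__":
    for name, sample in (("well_formed", WELL_FORMED), ("disguised", DISGUISED)):
        print(name, check_pem_certificate(sample))
```

The check is structural only: it flags payloads that are not DER at all, while a full X.509 parse would be a stricter test.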
Oracle issues updates to address the attack vector of the malware
Meanwhile, Oracle has issued updates addressing the attack vector of the malware. It is still not clear whether the hackers obtained any cryptocurrency out of this scam.
So far, it is almost clear that crypto hackers are keen to use obfuscation methods to earn cryptocurrencies. They want to get into victims' machines with the help of such malware.
Last week, another method that hackers use to steal cryptocurrencies surfaced. According to sources, hackers use an imitation crypto-trading website. They aim to sneak into users' computers by hiding malware.
Undoubtedly, news of this kind is not new in the crypto world. There have been many similar events in which crypto firms were widely affected. Moreover, companies have lost millions at the hands of such fraudsters and hackers. There are cases where some companies went bankrupt due to such events.