Attackers Find a New Way to Install Cryptominers

By

Cryptominers consume valuable resources

This year in June, F5 researchers found a new malware campaign exploiting a Jenkins dynamic routing vulnerability to install a cryptominer.

F5 explained that the vulnerability bypasses specific access control lists and leverages the Groovy plugin metaprogramming to download and remotely execute a malicious cryptominer.

The cryptominer consumes valuable computing resources, raising bills and leading to slower performance. In the case of enterprise applications, it could means hundreds and thousands of dollars in bills and lost revenues due to the performance hit.

F5 suggests the following steps to protect users: Implement web fraud protection to detect customers logging into your applications with infected clients designed to engage in fraud. Notify your clients of the malware you detected on their system while logging into your application (which can result in them being blocked from carrying out a transaction), so they can take steps to clean their systems; and Provide security awareness training to employees and clients.

10/08/2019

Related content

comments powered by Disqus
Subscribe to our ADMIN Newsletters
Subscribe to our Linux Newsletters
Find Linux and Open Source Jobs



Support Our Work

ADMIN content is made possible with support from readers like you. Please consider contributing when you've found an article to be beneficial.

Learn More”>
	</a>

<hr>		    
			</div>
		    		</div>

		<div class=