Security News > 2020 > September > Cryptomining activity could be a sign your servers are under attack
Cryptomining activity used to monetize compromised servers.
While cryptomining activity may not cause disruption or financial losses on its own, mining software is usually deployed to monetize compromised servers that are sitting idle while criminals plot larger money-making schemes.
These include exfiltrating valuable data, selling server access for further abuse, or preparing for a targeted ransomware attack.
Any servers found to contain cryptominers should be flagged for immediate remediation and investigation.
Cloud servers are particularly exposed to compromise and use in underground hosting infrastructure as they may be lacking the protection of their on-premises equivalents.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/dZPcx7FCcCY/
Related news
- Cybercriminals Exploiting Docker API Servers for SRBMiner Crypto Mining Attacks (source)
- New scanner finds Linux, UNIX servers exposed to CUPS RCE attacks (source)
- Exploit released for new Windows Server "WinReg" NTLM Relay attack (source)
- Notorious Hacker Group TeamTNT Launches New Cloud Attacks for Crypto Mining (source)
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)