Security News > 2020 > September > Cryptomining activity could be a sign your servers are under attack
Cryptomining activity used to monetize compromised servers.
While cryptomining activity may not cause disruption or financial losses on its own, mining software is usually deployed to monetize compromised servers that are sitting idle while criminals plot larger money-making schemes.
These include exfiltrating valuable data, selling server access for further abuse, or preparing for a targeted ransomware attack.
Any servers found to contain cryptominers should be flagged for immediate remediation and investigation.
Cloud servers are particularly exposed to compromise and use in underground hosting infrastructure as they may be lacking the protection of their on-premises equivalents.
News URL
http://feedproxy.google.com/~r/HelpNetSecurity/~3/dZPcx7FCcCY/
Related news
- Critical RCE bug in VMware vCenter Server now exploited in attacks (source)
- New NachoVPN attack uses rogue VPN servers to install malicious updates (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Rspack npm Packages Compromised with Crypto Mining Malware in Supply Chain Attack (source)