Security News > 2023 > September > Hackers Exploit MinIO Storage System Vulnerabilities to Compromise Servers
An unknown threat actor has been observed weaponizing high-severity security flaws in the MinIO high-performance object storage system to achieve unauthorized code execution on affected servers.
Cybersecurity and incident response firm Security Joes said the intrusion leveraged a publicly available exploit chain to backdoor the MinIO instance.
The two vulnerabilities "Possess the potential to expose sensitive information present within the compromised installation and facilitate remote code execution on the host where the MinIO application is operational," Security Joes said in a report shared with The Hacker News.
In the attack chain investigated by the company, the flaws are said to have been weaponized by the adversary to obtain admin credentials and abuse the foothold to replace the MinIO client on the host with a trojanized version by triggering an update command specifying a MIRROR URL. "The mc admin update command updates all MinIO servers in the deployment," the MinIO documentation reads.
"By replacing the authentic MinIO binary with its 'evil' counterpart, the attacker seals the compromise of the system."
It's worth noting that the altered version of the binary is a replica of an exploit named Evil MinIO that was published on GitHub in early April 2023.
News URL
https://thehackernews.com/2023/09/hackers-exploit-minio-storage-system.html
Related news
- Hackers Exploit Misconfigured YARN, Docker, Confluence, Redis Servers for Crypto Mining (source)
- Hackers exploit Ray framework flaw to breach servers, hijack resources (source)
- State-Sponsored Hackers Exploit Two Cisco Zero-Day Vulnerabilities for Espionage (source)
- Hackers Exploit ConnectWise ScreenConnect Flaws to Deploy TODDLERSHARK Malware (source)
- Hackers exploit WordPress plugin flaw to infect 3,300 sites with malware (source)
- Magnet Goblin Hacker Group Leveraging 1-Day Exploits to Deploy Nerbian RAT (source)
- Hackers leverage 1-day vulnerabilities to deliver custom Linux malware (source)
- Hackers exploit Windows SmartScreen flaw to drop DarkGate malware (source)
- Hackers exploit Aiohttp bug to find vulnerable networks (source)
- AI framework vulnerability is being used to compromise enterprise servers (CVE-2023-48022) (source)