Security News > 2023 > November > Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits
The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems.
Kinsing malware targets Linux systems and its operator is notorious for leveraging known flaws that are often overlooked by system administrators.
"Currently, there are existing public exploits that leverage the ProcessBuilder method to execute commands on affected systems," the researchers explain.
"In the context of Kinsing, CVE-2023-46604 is exploited to download and execute Kinsing cryptocurrency miners and malware on a vulnerable system" - Trend Micro.
To mitigate the threat, system administrators are recommended to upgrade Apache Active MQ to versions 5.15.16, 5.16.7, 5.17.6, or 5.18.3, which address the security issue.
3,000 Apache ActiveMQ servers vulnerable to RCE attacks exposed online.
News URL
Related news
- VEILDrive Attack Exploits Microsoft Services to Evade Detection and Distribute Malware (source)
- SteelFox and Rhadamanthys Malware Use Copyright Scams, Driver Exploits to Target Victims (source)
- Cybercriminals Use Excel Exploit to Spread Fileless Remcos RAT Malware (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Botnet exploits GeoVision zero-day to install Mirai malware (source)
- APT-C-60 Hackers Exploit StatCounter and Bitbucket in SpyGlace Malware Campaign (source)
- Cybercriminals Exploit Popular Game Engine Godot to Distribute Cross-Platform Malware (source)
- BootKitty UEFI malware exploits LogoFAIL to infect Linux systems (source)
- Exploit released for critical WhatsUp Gold RCE flaw, patch now (source)
- PoC exploit for critical WhatsUp Gold RCE vulnerability released (CVE-2024-8785) (source)
Related Vulnerability
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-10-27 | CVE-2023-46604 | The Java OpenWire protocol marshaller is vulnerable to Remote Code Execution. | 9.8 |