Security News > 2024 > April > Hackers hijack OpenMetadata apps in Kubernetes cryptomining attacks
In an ongoing Kubernetes cryptomining campaign, attackers target OpenMetadata workloads using critical remote code execution and authentication vulnerabilities.
The security vulnerabilities exploited in these attacks were patched one month ago, on March 15, in OpenMedata versions 1.2.4 and 1.3.1.
Microsoft, which first spotted the attacks, says the five flaws have been actively exploited since early April to hijack Internet-exposed OpenMedata workloads left unpatched.
"Once the attackers confirm their access and validate connectivity, they proceed to download the payload, a cryptomining-related malware, from a remote server. We observed the attackers using a remote server located in China."
Critical RCE bug in 92,000 D-Link NAS devices now exploited in attacks.
Ivanti fixes VPN gateway vulnerability allowing RCE, DoS attacks.
News URL
Related news
- Hackers Exploiting Popular Document Publishing Sites for Phishing Attacks (source)
- TeamCity Flaw Leads to Surge in Ransomware, Cryptomining, and RAT Attacks (source)
- Hackers Hijack GitHub Accounts in Supply Chain Attack Affecting Top-gg and Others (source)
- US sanctions APT31 hackers behind critical infrastructure attacks (source)
- Microsoft still unsure how hackers stole MSA key in 2023 Exchange attack (source)
- RUBYCARP hackers linked to 10-year-old cryptomining botnet (source)
- Hackers Deploy Python Backdoor in Palo Alto Zero-Day Attack (source)
- TA558 Hackers Weaponize Images for Wide-Scale Malware Attacks (source)
- Hackers Exploit OpenMetadata Flaws to Mine Crypto on Kubernetes (source)
- REvil hacker behind Kaseya ransomware attack gets 13 years in prison (source)