Hackers exploited Jenkins servers, made $3 million by mining Monero


If you run a Jenkins server, then you might want to make sure it is fully patched since researchers found “one of the biggest malicious mining operations ever discovered.” The cyber crooks have already made more than $3 million by installing malware that mines for Monero on vulnerable Windows machines. But now they are honing in on vulnerable, yet powerful, Jenkins servers.

“The operation uses a hybridization of a Remote Access Trojan (RAT) and XMRig miner” that is “capable of running on many platforms and Windows versions,” the security firm Check Point revealed. Most victims so far were “personal computers. With every campaign, the malware has gone through several updates and the mining pool used to transfer the profits is also changed.”

Over the last 18 months, the hackers have accumulated 10,800 Monero; that is currently worth $3,436,776.

“The perpetrator, allegedly of Chinese origin, has been running the XMRig miner on many versions of Windows, and has already secured him over $3 million worth of Monero crypto-currency,” added Check Point. “As if that wasn’t enough though, he has now upped his game by targeting the powerful Jenkins CI server, giving him the capacity to generate even more coins.”



Source link

Comments (No)

Leave a Reply