Hackers exploit old HTTP File Server to install Monero miners
Hackers are actively exploiting critical vulnerabilities in older versions of Rejetto’s HTTP File Server to install Monero mining malware and other malicious software.
Hackers have found a way to exploit older versions of the HTTP File Server (HFS), a software designed for publishing and sharing files, to deploy malicious Monero mining software, BleepingComputer reports, citing data from cybersecurity firm AhnLab.
The exploit, which appears to be centered around a critical vulnerability identified in HFS versions up to and including 2.3m, allows threat actors to execute arbitrary commands remotely without requiring authentication, enabling attackers to take control with ease.
In response to the exploit, Rejetto reportedly issued warnings, confirming the bug and advising against the use of versions 2.3m through 2.4, describing them as “dangerous and should not be used anymore.”
Cybercriminals usually favor installing XMRig on infected devices due to Monero’s high privacy features, which make transactions difficult to trace. XMRig’s efficiency and versatility also allow it to run on various hardware, and its open-source nature facilitates easy modification. Additionally, it can run stealthily in the background of a computer’s processes, minimizing the chance of being detected.
You might also like: Hackers exploit Confluence vulnerability to plant crypto mining malware
Source