Article 5YF84 Hackers hammer SpringShell vulnerability in attempt to install cryptominers

Hackers hammer SpringShell vulnerability in attempt to install cryptominers

by
Dan Goodin
from Ars Technica - All content on (#5YF84)
cryptomining-800x438.jpeg

Enlarge (credit: Getty Images)

Malicious hackers have been hammering servers with attacks that exploit the recently discovered SpringShell vulnerability in an attempt to install cryptomining malware, researchers said.

SpringShell came to light late last month when a researcher demonstrated how it could be used to remotely execute malicious code on servers that run the Spring model-view-controller or WebFlux applications on top of Java Development Kit versions 9 or higher. Spring is the most widely used Java framework for developing enterprise-level applications in Java. The framework is part of a sprawling ecosystem that provides tools for things like cloud, data, and security apps.

Earlier this month, security firm Trend Micro said it began detecting attempts. From April 1 to April 12, company researchers detected an average of roughly 700 attempts per day to exploit the vulnerability to install cryptomining software. By running the malware on powerful enterprise servers, criminals can mine Bitcoin or other types of digital cash using the resources and electricity of an unwitting victim.

Read 8 remaining paragraphs | Comments

index?i=kh124ehGGnA:lSJLmX5FCwk:V_sGLiPB index?i=kh124ehGGnA:lSJLmX5FCwk:F7zBnMyn index?d=qj6IDK7rITs index?d=yIl2AUoC8zA
External Content
Source RSS or Atom Feed
Feed Location http://feeds.arstechnica.com/arstechnica/index
Feed Title Ars Technica - All content
Feed Link https://arstechnica.com/
Reply 0 comments