Connect with us

Hi, what are you looking for?

Latest News

Hackers Exploit Apache ActiveMQ Flaw To Mine Crypto

Source: Pixabay

Hackers are currently targeting a critical Apache ActiveMQ vulnerability to download and infect Linux machines with the Kinsing malware and crypto miner.

In a blog post published on November 20, Trend Micro researchers reported that the exploitation of the CVE-2023-46604 vulnerability in the open-source ActiveMQ protocol results in remote code execution (RCE), which allows Kinsing to carry out the download and installation of malware.

Following a system infection, Kinsing deploys a cryptocurrency-mining script that exploits the host’s resources to mine cryptocurrencies such as Bitcoin. This not only leads to substantial damage to infrastructure but also adversely affects system performance.

The Kinsing malware poses a significant threat, focusing primarily on Linux-based systems, the researchers added. This malicious software has the capability to infiltrate servers and spread rapidly throughout a network. Its mode of entry involves exploiting vulnerabilities present in web applications or misconfigured container environments.

“Organizations that use Apache ActiveMQ must take immediate action to patch CVE-2023-46604 as soon as possible and mitigate the risks associated with Kinsing,” the researchers said in the post. “Given the malware’s ability to spread across networks and exploit multiple vulnerabilities, it is important to maintain up-to-date security patches, regularly audit configurations, and monitor network traffic for unusual activity, all of which are critical components of a comprehensive cybersecurity strategy.”

The vulnerability’s root cause lies in a problem related to the validation of throwable class types during the unmarshalling of OpenWire commands, the researchers noted.

Reports emerged earlier this month regarding the active exploitation of CVE-2023-46604, with hackers utilizing exploits like Metasploit and Nuclei. Despite the high severity of the vulnerability, rated at CVSS 9.8, the level of detection remains comparatively low.

John Gallagher, vice president of Viakoo Labs, highlighted the significance of the CVE, emphasizing the widespread use of Apache ActiveMQ and its ability to communicate across multiple protocols. Additionally, he pointed out its extensive utilization in non-IT environments for interfacing with IoT/OT/ICS devices.

Gallagher further noted that many organizations face challenges in maintaining the patching of IoT devices. Given this scenario, Kinsing’s strategic choice to exploit this vulnerability aligns well with their objective of sustained processing, particularly for activities such as cryptomining.

“Many IoT devices have powerful processing capabilities and lack patching policies, making mining an ideal activity for them,” said Gallagher. “To put it another way, Kinsing likely chose to use this CVE for crypto mining because they expect it to be a long-lived vulnerability; it wouldn’t make any sense if it was a vulnerability Kinsing was expecting to get patched quickly.”

The post Hackers Exploit Apache ActiveMQ Flaw To Mine Crypto appeared first on Cryptonews.

Enter Your Information Below To Receive Free Trading Ideas, Latest News And Articles.







    Fill Out & Get More Relevant News





    Stay ahead of the market and unlock exclusive trading insights & timely news. We value your privacy - your information is secure, and you can unsubscribe anytime. Gain an edge with hand-picked trading opportunities, stay informed with market-moving updates, and learn from expert tips & strategies.

    Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!

    You May Also Like

    Investing

    The Senate is expected to send a temporary spending package known as a Continuing Resolution (CR) to the White House, averting a government shutdown before...

    Investing

    Sen. Tommy Tuberville’s, R-Ala., colleagues pleaded on the Senate floor early Thursday morning – from midnight until nearly 4 a.m. – to drop his objection to...

    Latest News

    A bipartisan ethics report concludes there is “substantial evidence” that George Santos violated federal criminal laws, which will almost certainly trigger another attempt to...

    Editor's Pick

    Helium Evolution Incorporated (TSXV:HEVI) (‘ HEVI ‘ or the ‘ Company ‘), a Canadian-based helium exploration company focused on developing assets in southern Saskatchewan,...

    Disclaimer: Goldenliontraders.com, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.


    Copyright © 2023 Goldenliontraders.com