The Cyber Security News

Multiple Campaigns Exploit VMware Vulnerability to Deploy Crypto Miners and Ransomware

October 21, 2022

A now-patched vulnerability in VMware Workspace ONE Access has been observed being exploited to deliver both cryptocurrency miners and ransomware on affected machines.

“The attacker intends to use a victim’s resources as much as possible, not only to set up RAR1Ransom for extortion, but also to spread GuardMiner to acquire cryptocurrency,” Fortinet FortiGuard Labs researcher Cara Lin said in a Thursday report.

The issue, tracked as CVE-2022-22954 (CVSS score: 9.8), concerns a remote code execution vulnerability that stems from a case of server-side template injection.

Although the shortcoming was addressed by the virtualization services provider in April 2022, it has since come under active exploitation in the wild.

Fortinet said it observed attacks in August 2022 that sought to weaponize the flaw to deploy the Mirai botnet on Linux devices as well as RAR1Ransom and GuardMiner, a variant of the XMRig Monero miner.

The Mirai sample is retrieved from a remote server and is designed to launch denial-of-service (DoS) and brute-force attacks aimed at well-known IoT devices by making use of a list of default credentials.

The distribution of RAR1Ransom and GuardMiner, on the other hand, is achieved by means of a PowerShell or a shell script depending on the operating system. RAR1Ransom is also notable for leveraging the legitimate WinRAR utility to initiate the encryption process.

The findings are yet another reminder that malware campaigns continue to actively exploit recently disclosed flaws to break into unpatched systems, making it essential that users prioritize applying important security updates to mitigate these threats.


Some parts of this article are sourced from:
thehackernews.com
