Connect with us

Hi, what are you looking for?

Income Innovator HubIncome Innovator Hub

Editor's Pick

Hackers Exploit Apache ActiveMQ Flaw To Mine Crypto

Source: Pixabay

Hackers are currently targeting a critical Apache ActiveMQ vulnerability to download and infect Linux machines with the Kinsing malware and crypto miner.

In a blog post published on November 20, Trend Micro researchers reported that the exploitation of the CVE-2023-46604 vulnerability in the open-source ActiveMQ protocol results in remote code execution (RCE), which allows Kinsing to carry out the download and installation of malware.

Following a system infection, Kinsing deploys a cryptocurrency-mining script that exploits the host’s resources to mine cryptocurrencies such as Bitcoin. This not only leads to substantial damage to infrastructure but also adversely affects system performance.

The Kinsing malware poses a significant threat, focusing primarily on Linux-based systems, the researchers added. This malicious software has the capability to infiltrate servers and spread rapidly throughout a network. Its mode of entry involves exploiting vulnerabilities present in web applications or misconfigured container environments.

“Organizations that use Apache ActiveMQ must take immediate action to patch CVE-2023-46604 as soon as possible and mitigate the risks associated with Kinsing,” the researchers said in the post. “Given the malware’s ability to spread across networks and exploit multiple vulnerabilities, it is important to maintain up-to-date security patches, regularly audit configurations, and monitor network traffic for unusual activity, all of which are critical components of a comprehensive cybersecurity strategy.”

The vulnerability’s root cause lies in a problem related to the validation of throwable class types during the unmarshalling of OpenWire commands, the researchers noted.

Reports emerged earlier this month regarding the active exploitation of CVE-2023-46604, with hackers utilizing exploits like Metasploit and Nuclei. Despite the high severity of the vulnerability, rated at CVSS 9.8, the level of detection remains comparatively low.

John Gallagher, vice president of Viakoo Labs, highlighted the significance of the CVE, emphasizing the widespread use of Apache ActiveMQ and its ability to communicate across multiple protocols. Additionally, he pointed out its extensive utilization in non-IT environments for interfacing with IoT/OT/ICS devices.

Gallagher further noted that many organizations face challenges in maintaining the patching of IoT devices. Given this scenario, Kinsing’s strategic choice to exploit this vulnerability aligns well with their objective of sustained processing, particularly for activities such as cryptomining.

“Many IoT devices have powerful processing capabilities and lack patching policies, making mining an ideal activity for them,” said Gallagher. “To put it another way, Kinsing likely chose to use this CVE for crypto mining because they expect it to be a long-lived vulnerability; it wouldn’t make any sense if it was a vulnerability Kinsing was expecting to get patched quickly.”

The post Hackers Exploit Apache ActiveMQ Flaw To Mine Crypto appeared first on Cryptonews.

Enter Your Information Below To Receive Latest News, And Articles.

    Stay updated with the latest news, exclusive offers, and special promotions. Sign up now and be the first to know! As a member, you'll receive curated content, insider tips, and invitations to exclusive events. Don't miss out on being part of something special.


    By opting in you agree to receive emails from us and our affiliates. Your information is secure and your privacy is protected.
    Your information is secure and your privacy is protected. By opting in you agree to receive emails from us. Remember that you can opt-out any time, we hate spam too!

    You May Also Like

    Editor's Pick

    Source: Ark Invest / Instagram ARK Investment Management, led by prominent investor Cathie Wood, has reduced its holdings in the Grayscale Bitcoin Trust (GBTC)...

    Latest News

    A super PAC that has overseen much of Ron DeSantis’s presidential operation has fired its CEO less than two weeks after the previous chief...

    Latest News

    WINDHAM, N.H. — It’s pouring rain Saturday morning as New Hampshire Gov. Chris Sununu (R) arrives at Mary Ann’s diner in Windham, fielding calls...

    Stock

    Popeyes is expanding its menu beyond chicken sandwiches — and it’s a permanent change this time. The fast-food chain announced Wednesday it’s adding five...

    Disclaimer: Incomeinnovatorhub.com, its managers, its employees, and assigns (collectively “The Company”) do not make any guarantee or warranty about what is advertised above. Information provided by this website is for research purposes only and should not be considered as personalized financial advice. The Company is not affiliated with, nor does it receive compensation from, any specific security. The Company is not registered or licensed by any governing body in any jurisdiction to give investing advice or provide investment recommendation. Any investments recommended here should be taken into consideration only after consulting with your investment advisor and after reviewing the prospectus or financial statements of the company.


    Copyright © 2024 incomeinnovatorhub.com