Cryptomining hackers targeting unpatched server weaknesses

Published on: 18 May 2018

Cyber criminals are increasingly targeting unpatched server vulnerabilities to infect machines with cryptomining malware.

This is according to cyber security solutions firm Check Point, which has just published its monthly top ten most wanted malware rundown.

April’s chart was the fourth consecutive month where cryptomining malware dominated as Monero cryptocurrency miner Coinhive was deemed to be most prevalent form of malware yet again, with a global reach of 16 per cent.

Cryptoloot - another cryptomining malware - was a close second, with a global reach of 14 per cent, while the Roughted malvertising malware came in third (11 per cent).

Check Point’s researchers also noticed that cyber criminals are increasingly targeting unpatched server vulnerabilities in Microsoft Windows Server 2003 (CVE-2017-7269) and Oracle Web Logic (CVE-2017-10271) in a bid to illicitly mine cryptocurrency.

Globally, almost half (46 per cent) of the world’s organisations were targeted for the Microsoft Windows Server 2003 vulnerability.

Maya Horowitz, threat intelligence group manager at Check Point, said cyber criminals will continue to innovate and explore new ways of exploiting victims’ machines and net more revenue.

“Now that they’re seeking to infiltrate networks using unpatched server vulnerabilities, this is a clear reminder to organisations that security basics - such as patching - are critical to ensuring that networks remain secure,” she commented.