400 Servers Running The Visualization Software Docker Are Reportedly Running Monero (XMR) Mining Software

Monero makes headlines again due to mining issues.

Crypto mining malware continues to target significant corporations, and they are hijacking victims to mine XMR.

This process is used all over the world to make money among cybercriminals and all kinds of bad actors.

It has already been reported that Monero is a favorite coin for mining.

400 servers running Docker are mining XMR

Now, it seems that about 400 servers which are running Docker, a visualization software, have been found to be vulnerable to exploit.

Most of them are running Monero (XMR) mining software, according to the latest reports coming from cybersecurity company Imperva.

Cointelegraph reports that there’s a misconfiguration of the vulnerable Docker hosts which allows public access to the Docker API. This should be only locally accessible.

The misconfiguration together with a newly found flaw allows attackers to obtain administration on the server and install malware.

Researchers at Imperva claim to have found 3,822 misconfigured hosts (with the API exposed), of which about 400 were actually accessible. The report notes:

“We found that most of the 400 exposed Docker remote API IPs are running a cryptocurrency miner for a currency called Monero.”

Unfortunately, the data on the server is also accessible to the bad actor, and this includes the database and credentials such as passwords.

Coinhive shuts down

crypto mining platformjust has revealed that they ceased operations due to economic inviability and more reasons.

This is the hackers’ favorite crypto mining service, according to reports.

The platform seems to have suffered a great dal following the last Monero hard fork and the subsequent 50% fall in its hashrate.

The also writes that the platform’s dashboards are accessible to users until April 30, 2019, to initiate the payouts.

It was also reported that they had been affected a lot after the XMR hard fork.

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *