kinsing
-
The persistent cyber threat known as Kinsing malware has taken a new and sophisticated approach to its cryptojacking campaign. Tenable Research recently uncovered that the malware is now targeting cloud servers, specifically Apache Tomcat servers, by hiding within seemingly innocuous “man” pages (digital system manuals). This marks a significant escalation in Kinsing’s tactics, as it…
-
Cryptojacking operation Kinsing, also known as H2Miner, had its botnet strengthened with the addition of new security vulnerabilities, reports The Hacker News.
-
Kinsing malware, known for exploiting vulnerabilities on Linux cloud servers to deploy backdoors and cryptominers, has recently expanded its target to include Apache Tomcat servers.
-
In general terms, after exploiting a vulnerability or misconfiguration, the attackers execute a series of infection scripts that prepare the environment, eliminate competing malware, and deploy a cryptomining program and the Kinsing trojan which is used for remote control. These are usually accompanied by a rootkit that’s meant to hide the files and processes of…
-
The attackers behind the Kinsing malware are the latest to exploit the Apache ActiveMQ critical remote code execution (RCE) vulnerability, targeting the flaw to infect vulnerable Linux systems with a cryptocurrency miner.
-
Attackers are exploiting a recently fixed vulnerability (CVE-2023-46604) in Apache ActiveMQ to install Kinsing malware and cryptocurrency miners on targeted Linux systems.
-
Nov 21, 2023NewsroomLinux / Rootkit The Kinsing threat actors are actively exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency miners and rootkits.
-
Malicious actors affiliated with the cryptojacking syndicate known as Kinsing have escalated their exploitation of a vulnerability discovered in Linux last October, referred to as Looney Tunables (CVE-2023-4911), to orchestrate incursions into cloud environments. This development has been reported by AquaSec, a firm specializing in cloud technology security.
-
Kinsing threat actors probed the Looney Tunables flaws in recent attacks
-
The first instance of an exploit attack on the so-called “Looney Tunables” Linux privileged escalation vulnerability (CVE-2023-4911) was reported by researchers from Aqua Nautilus.