28th January, 2019
1 Min read
Book a Demo
Attackers are increasingly targeting vulnerable cloud infrastructure to exploit it for covert cryptojacking or to deliver ransomware, Securonix researchers warn.
Reduce your AWS costs by over 50%
Discover your Cloud Saving Potential – Answer just 5 simple questions. AppsFlyer, Playtika, Lufthansa, IBM, top leading companies are already using our FinOps services.
Some attacks are fairly trivial, but others are multi-vector/multi-platform threats where multiple functionalities are combined as part of the same malicious threat (e.g., XBash, which combines cryptomining, ransomware and botnet/worm activity).
The attacks are automated and probe the infrastructure and cloud services for vulnerabilities and/or weak or default login credentials.
The attackers achieve the persistence of their malicious implants through cronjob entries on Linux and malicious startup items on Windows systems. They continually change the C&C servers that deliver additional malware, username/password lists, etc.
Read more: Help Net Security