Top

Oracle WebLogic Exploit Used in Cryptocurrency Mining Campaign

January 10, 2018

PeopleSoft and WebLogic app servers, as well as cloud systems using WebLogic, hacked and used to net some $226K in digital currency.

Enterprises that failed to install Oracle’s critical WebLogic patch last October could find their PeopleSoft and cloud-based servers churning out cryptocurrency, a new discovery shows.

A security researcher found attackers had mined 611 Monero coins, which carries a current value of $226,070, by exploiting the WebLogic Flaw in vulnerable servers around the globe. Reports began to emerge earlier this week that a malicious campaign was underway to deploy Monero cryptocurrency miners on these unpatched systems, according to a blog post by Renato Marinho, chief research officer at Morphus Labs, who made the discovery.

Read More on Dark Reading