Top

New Drupal Exploit Mines Monero for Attackers

June 25, 2018

Via: Dark Reading
Category:

A new exploit of a known vulnerability gives an attacker control of the Drupal-hosting server.

A newly discovered vulnerability in Drupal has been exploited to turn infected systems into Monero mining bots. Worse, the vulnerability could easily be exploited to do far more than simply steal resources and performance.

Researchers from the Trend Micro Smart Home Network and IoT Reputation Service Teams found the exploits of CVE-2018-7602, a remote code execution vulnerability in Drupal 7 and 8. While the vulnerability was patched on April 25, 2018, many users have yet to move to the current version, leaving an unknown number of Drupal-based websites vulnerable.

Read More on Dark Reading

RELATED PUBLICATIONS

Palo Alto Networks Warns of Exploited Firewall Vulnerability
Fortinet Warns of Severe SQLi Vulnerability in FortiClientEMS Software
API sprawl: navigating the web of connectivity and security challenges

Latest Publications

OpenAI’s GPT-4 can exploit real vulnerabilities by reading security advisories
10 tips to keep IP safe
Ransomware group Dark Angels claims the theft of 1TB of data from chipmaker Nexperia 
Security Curated Copyright © 2024. All rights reserved
Go to ITCurated!