KashmirBlack Botnet Hits at CMS for Cryptocurrency Mining

October 27, 2020      Jafrin Ahmed

The Indonesia-based botnet KashmirBlack attacks popular content management systems (CMS) such as WordPress, Drupal, and Joomla, among others. The botnet targets CMS platforms in order to use their servers for cryptocurrency mining or for sending spam to victims.

Member of PhantomGhost Hacker Group Behind The Botnet

U.S.-based cybersecurity firm Imperva uncovered the highly sophisticated botnet. The botnet network is run by the hacker “Exect1337,” a member of the Indonesian hacker crew PhantomGhost. Researchers were able to link the botnet to the particular Indonesian hacking group by tracing IP addresses used during a website defacement campaign earlier this year.

Ofir Shaty, Imperva security researcher and co-author of the research, shared his view:

“This is the first time we have been able to get visibility into how exactly a botnet like this operates; an important discovery that will help the industry better understand how these nefarious groups evolve and sustain their activity.”

According to the report, KashmirBlack started operating last year, in November 2019, and has attacked thousands of websites running CMS platforms including WordPress, Joomla, PrestaShop, Magento, Drupal, vBulletin, OsCommerce, OpenCart, and Yeager.

Researchers at Imperva say that the botnet is also supported by 60 other compromised content management servers that form part of its malicious infrastructure.

KashmirBlack Botnet Infected Around 700 CMS Platforms Every Day

The security researchers at Imperva have estimated that KashmirBlack has infected around 700 vulnerable content management system servers each day. This implies that the botnet alone has compromised around 230,000 servers so far.

The attackers behind KashmirBlack use cloud services such as GitHub, Dropbox, and Pastebin to hide from security tools while sending out additional spam to the infected servers.

Moreover, the KashmirBlack botnet is controlled by a single command-and-control server. In March, the botnet added a crypto mining function, using XMRig malware to mine the Monero cryptocurrency. Security researchers at Imperva were able to uncover this by tracing the activity to a digital wallet.
