A report from the Australian Cyber Security Centre highlights a vulnerability related to attacks using cryptojacking malware.
The Australian Cyber Security Centre said a group of “state actors” hacked Australian networks on June 19 and one of the vulnerabilities they exploited is related to cryptojacking malware attacks.
According to the 48-page report released on June 24, the threat actors exploited four critical vulnerabilities in Telerik UI, including CVE-2019-18935, which was recently leveraged by the Blue Mockingbird malware gang to infect thousands of systems with XMRig, Monero (XMR) mining software.
Vulnerability mostly used for cryptojacking purposes
Although the advisory didn’t say whether the hackers could have installed cryptojacking malware during the recent massive cyberattack, this vulnerability is the one cybercriminals prefer for installing crypto-mining applications within corporate networks.
The report elaborates on the CVE-2019-18935 vulnerability, and its account has similarities with what Cointelegraph reported on the Blue Mockingbird attack, although this doesn’t imply that the gang participated in the cyberattack against Australia:
“Other exploit payloads were identified by the ACSC most commonly when the actor’s attempt at a reverse shell was unsuccessful.