
Hackers attack Confluence Servers, hijack power for cryptocurrency mining

A security vulnerability present in Confluence Server and Confluence Data Center is being actively exploited in the wild by attackers to maliciously mine cryptocurrency, researchers say.

According to Trend Micro, attackers are harnessing CVE-2019-3396, a bug present in the Widget Connector macro in Atlassian Confluence Server, which permits path traversal and remote code execution via server-side injection.

Atlassian released a patch on March 20, 2019, to resolve the security flaw alongside an accompanying fix for CVE-2019-3395, a WebDAV endpoint issue which permits attackers to send arbitrary HTTP and WebDAV requests from a Confluence Server or Data Center instance.

However, it seems that unpatched Confluence systems are being widely exploited in the new campaign, which focuses on mining Monero.
