Cryptocurrency News

Hackers Exploit Vulnerability In The WebLogic Server, Use Obfuscation Trick To Deploy Malware

A recent post by Trend Micro has confirmed that a group of hackers had been exploiting a vulnerability in the WebLogic Server. They used it to install the Monero mining malware on computer systems, by deploying certificate files as an obfuscation trick. The security and intelligence blog informed about the malware via a blog post on Monday.

According to the report, such kind of crypto hacks is called crypto-jacking. This essentially means that cyber-criminals install a crypto mining malware on devices to discreetly using their processing power without the owner’s free consent or knowledge. Trend Micro has also claimed that the Oracle WebLogic vulnerability, which was caused by a de-serialization error, was inducted in the vulnerability database earlier this year.

However, the cybersecurity enterprise further states that the cyber-criminals have already started exploiting the vulnerability for crypto-jacking purposes, claiming that it has verified the allegations. Fortunately, Oracle has released an update already which addresses the vulnerability, and all the organizations using the WebLogic Server need to update the software.

Trend Micro also noted that these type of cyber attacks are not new. Last year, Sophos introduced a proof of concept, demonstrating by placing an Excel file with embedded macros inside a certificate file. However, it also said that the one found on the WebLogic Server was unique in its design. It said,

One interesting characteristic of the downloaded certificate file is that it requires that it be decoded twice before the PS command is revealed, which is unusual since the command from the exploit only uses CertUtil once.

Trend Micro further argued that it was possible that the certificate file they downloaded could have been different from the file actually intended for download by a remote command. The reason for this could be that the hackers were updating the files continuously.

Tony Todd

Tony Todd is a journalist of the Latest Bitcoin News team, and he is a strong believer of blockchain technology. He curates contents on the latest happenings of the blockchain world and fintech industry. In his free time, he loves to explore new places and connect with influential people of crypto space.

Recent Posts

How to determine if a company is using blockchain technology correctly?

In today’s Digital era, every company needs to effectively utilize blockchain technology. This latest technology,…

9 months ago

Possible ways to utilize Bitcoin for entertainment and rewards

Digital assets, often known as cryptocurrency, have completely changed the financial industry. They have also…

10 months ago

What Is The Future Of A Crypto Career?

Building a career in the crypto industry appears realistic and optimistic, as there is a…

2 years ago

Navigating regulatory challenges in the Nigerian cryptocurrency market

Introduction The CBN has moved to develop a regulatory framework for cryptocurrencies. In June 2019,…

2 years ago

The Role of Crypto Exchanges in UAE’s Strategy to Attract Tech Talent

Introduction  The UAE has become an attractive destination because of its liberal visa policies. It…

2 years ago

Investing in Singapore’s crypto exchanges: opportunities and risks

Introduction  As a global financial hub, Singapore has seen tremendous growth in the cryptocurrency market,…

2 years ago