Copy link
Increase text size
Decrease text size
Link copied

Australia cyberattack exploited vulnerability usually used in cryptojacking malware attacks

The Australian Cyber Security Centre revealed that hackers exploited known vulnerabilities in the Telerik user interface.

Image by Gerd Altmann from Pixabay

Mon, 29 Jun 2020, 08:42 am UTC

The cyberattacks on Australian networks last June 19 were done by a group “state actors,” according to a recent report released by the Australian Cyber Security Centre. The ACSC said that the attack exploited one of the vulnerabilities usually used to infect systems with cryptojacking malware, Cointelegraph reported.

The ACSC, which released the 48-page report on June 24, revealed that the hackers exploited four critical vulnerabilities in the Telerik user interface called CVE-2019-18935, CVE-2017-9248, CVE-2017-11317, and CVE-2017-11357, according to BleepingComputer.

The CVE-2019-18935 vulnerability has been leveraged by hackers in past attacks and was used to infect systems for cryptocurrency mining purposes. For instance, the vulnerability was used by the Blue Mockingbird hacker group to infect Monero (XMR) crypto mining software XMRRig into thousands of systems.

However, the Australian Cyber Security Center report did not specifically state that the recent attacks on Australian networks were used to install cryptojacking malware. It must also be noted that the report did not claim Blue Mockingbird as a participant in the attacks.

The report also stated that there were other methods of attack attempted by the hacker in the June 19 incident. Thankfully, these methods did not achieve its objective.

“Other exploit payloads were identified by the ACSC most commonly when the actor’s attempt at a reverse shell was unsuccessful,” the report said. “These included: a payload that attempted to execute a PowerShell reverse shell; a payload that attempted to execute certutil.exe to download another payload; a payload that executed binary malware (identified in this advisory as HTTPCore) previously uploaded by the actor but which had no persistence mechanism; a payload that enumerated the absolute path of the webroot and wrote that path to a file within the web root.”

Based on its investigations, ACSC also made recommendations on how to mitigate the risk of compromise. One key area is the “prompt patching of internet-facing software, operating systems, and devices.” This also involves using the latest versions available for software and operating systems.

Another method that could reduce the risk of potential breaches is the “use of multi-factor authentication across all remote access services.” These include web and cloud-based email, collaboration platforms, virtual private network connections, and remote desktop services.

“It is imperative that Australian organizations are alert to this threat and take steps to enhance the resilience of their networks,” the ACSC warned. “Cybersecurity is everyone’s responsibility.”

TokenPost | [email protected]

<Copyright © TokenPost. All Rights Reserved. >

To leave a comment, please sign in.
More
  • Bitcoin (btc) $39,315.00 (-5.36%)
  • Ethereum (eth) $2,588.07 (-0.03%)
  • Tether (usdt) $1.00 (+0.36%)
  • Binance Coin (bnb) $330.88 (-2.66%)
  • Cardano (ada) $1.32 (-3.50%)
  • Bitcoin (btc) $39,315.00 (-5.36%)
Jul 15, 2021 (Thursday)
13:30
BTC Surges by 1.16% Within 5 Mins, Marking 31,824.01 USDT
12:06
BTC Surges by 1.12% Within 5 Mins, Marking 32,104.8 USDT
10:25
BTC Drops by 1.03% Within 5 Mins, Marking 32,171.88 USDT
02:13
TriumphX Scouts 'MINAMCOMPANY' CEO Woo-Seong Lee As Creative Director
02:00
ETH Tops List Of Crypto Net Inflow With $298.96 Mln In Past 10 Hours
Jul 14, 2021 (Wednesday)
13:14
BTC Surges by 1.03% Within 5 Mins, Marking 32,738.08 USDT
09:03
BTC Surges by 1.01% Within 5 Mins, Marking 31,899 USDT
02:30
Crypto Market Sentiment On Jul 14: Market In "Extreme Fear"
02:00
ETH Tops List Of Crypto Net Outflow With $224.97 Mln In Past 10 Hours
Jul 13, 2021 (Tuesday)
02:30
Crypto Market Sentiment On Jul 13: Market In "Extreme Fear"
02:00
ETH Tops List Of Crypto Net Outflow With $178.61 Mln In Past 10 Hours
Jul 12, 2021 (Monday)
02:30
Crypto Market Sentiment On Jul 12: Market In "Extreme Fear"
02:00
BTC Tops List Of Crypto Net Inflow With $164.82 Mln In Past 10 Hours
Jul 11, 2021 (Sunday)
21:31
BTC Surges by 1.02% Within 5 Mins, Marking 34,475.6 USDT
10:00
ETH Tops List Of Crypto Net Inflow With $122.76 Mln In Past 18 Hours
06:17
SOBA Listed On LATOKEN
02:30
Crypto Market Sentiment On Jul 11: Market In "Extreme Fear"
02:00
BTC Tops List Of Crypto Net Outflow With $87.56 Mln In Past 10 Hours
Jul 9, 2021 (Friday)
21:40
BTC Surges by 1.08% Within 5 Mins, Marking 33,911.8 USDT
02:30
Crypto Market Sentiment On Jul 09: Market In "Extreme Fear"
Subscribe to the TokenPost newsletter!
Don't show me this again today.
Back to top
Copyright ⓒ TokenPost. All Rights Reserved.
PUBLISHsoft