EclecticIQ Fusion Center Report: Hacker Group Makes $3 Million by Installing Monero Miners on Jenkins Servers (English)
Report from EclecticIQ Fusion Center from Wednesday 21 February 2018.
Key Findings:
- The hackers exploited the CVE-2017-1000353 vulnerability, known as the Jenkins RCE flaw, which enables an attacker to execute malicious code without the user's knowledge.
- The malware was allegedly downloaded from an IP address found in China and associated to the Huaian government network, which has raised suspicion about the attacker's server.
- Researchers have observed that Jenkins servers running on Windows operating systems, are the most targeted by this hacker group.
- Jenkins is heavily targeted by hackers, due to its popularity within large companies and freelance web developers.
About EclecticIQ
EclecticIQ develops analyst-centric products that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection, prevention, and response.
EclecticIQ Fusion Center
EclecticIQ Fusion Center delivers thematic intelligence bundles providing a single curated source of relevant CTI from leading suppliers all in a single contract.
Download Report
About EclecticIQ
EclecticIQ develops analyst-centric products that align our clients’ cybersecurity focus with their threat reality. The result is intelligence-led security, improved detection, prevention, and response.
EclecticIQ Fusion Center
EclecticIQ Fusion Center delivers thematic intelligence bundles providing a single curated source of relevant CTI from leading suppliers all in a single contract.