
Hackers Abusing Apache CouchDB Vulnerabilities to Deploy Malware & Mining Monero Cryptocurrency

CyberWisdom Safe Harbor Commentary on Apache CouchDB Vulnerabilities:

Today I came across this story from gbhackers.com that calls out things we don’t talk about: security researchers at TrendMicro observed cryptocurrency-mining attacks that exploit vulnerabilities in a popular database system, Apache CouchDB, to deliver cryptocurrency mining malware.

According to their global sensor reports, the new attacks target vulnerabilities in the popular open-source database system Apache CouchDB.

Over the past few years, cryptocurrency mining has given cybercriminals a very easy way to generate huge revenues by hijacking web browsers, injecting malicious scripts and taking over the victim’s CPU.

Mining cryptocurrencies legitimately is a resource-intensive process, so attackers turn to ransom demands and to infecting other computers to mine cryptocurrencies for them.

Vulnerability Exploited – Cryptocurrency Mining Malware
The attackers exploited two already-patched vulnerabilities: CVE-2017-12635 (Apache CouchDB JSON Remote Privilege Escalation Vulnerability) and CVE-2017-12636 (Apache CouchDB _config Command Execution).

The researchers said: “These vulnerabilities allow attackers to supply duplicate keys so they can gain access to the system, including administrator privileges, which attackers can use to execute arbitrary code.”

According to DB-Engines, CouchDB is one of the popular database management systems, ranking 27 out of 309. By default it listens on TCP port 5984, and Monero mining activity peaked in early February.

Cryptocurrency mining malware from Apache CouchDB Vulnerabilities

By exploiting CVE-2017-12635, attackers can create a CouchDB account with administrator rights, and then use that administrator account to run code remotely by exploiting CVE-2017-12636.


Cryptocurrency-mining attacks have escalated since 2018. Mining cryptocurrencies requires computational power, so attackers exploit flaws in organizations that have vast resources.

Mitigating Measures – Cryptocurrency Mining Malware
As long as your server has an RCE vulnerability, an attacker can exploit it and plant malicious scripts. Cryptocurrency-mining attacks not only harm the system but also consume all system resources.

Mitigation Remedies

  1. Regular system updates prevent exploitation of these vulnerabilities.
  2. Do not use the default system credentials.
  3. Placing an intrusion detection system helps mitigate these attacks.
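
Since the researchers describe the attack as supplying duplicate keys, one check a reverse proxy or intrusion detection rule in front of CouchDB could apply is to flag JSON request bodies in which a key repeats within a single object. The following is an added example, not code from TrendMicro, gbhackers.com or the CouchDB project; the function names and sample bodies are constructed for illustration.

```python
import json


def find_duplicate_keys(body):
    """Return [(key, [values...])] for each key repeated inside one JSON object.

    Raises ValueError if body is not valid JSON.
    """
    findings = []

    def check_object(pairs):
        # pairs holds every key/value of one object in document order,
        # including repeats that dict() would silently collapse.
        values_by_key = {}
        for key, value in pairs:
            values_by_key.setdefault(key, []).append(value)
        for key, values in values_by_key.items():
            if len(values) > 1:
                findings.append((key, values))
        return dict(pairs)  # same result json.loads gives by default (last wins)

    json.loads(body, object_pairs_hook=check_object)
    return findings


def triage(body):
    """Classify one request body: 'ok', 'duplicate-keys' or 'invalid-json'."""
    try:
        return "duplicate-keys" if find_duplicate_keys(body) else "ok"
    except ValueError:
        return "invalid-json"


# Constructed sample bodies (not taken from any real traffic).
SAMPLES = [
    '{"name": "alice", "plan": "basic"}',                     # clean
    '{"name": "alice", "plan": "basic", "plan": "premium"}',  # repeated key
    '{"a": {"id": 1}, "b": {"id": 2}}',                       # same key, different objects
    '{"doc": {"tags": ["x"], "tags": []}}',                   # repeat in nested object
    '{"name": "alice"',                                       # truncated JSON
]

if __name__ == "__main__":
    for sample in SAMPLES:
        print(triage(sample), sample)
```

The same key appearing in two different objects is not flagged; only a repeat inside one object is, because that is where two parsers can disagree on which value counts.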

 
