Monday, June 17, 2024
spot_img

Tenable Warns That Kinsing Malware Is Exploiting Apache Tomcat Servers With New Advanced Stealth Techniques

spot_img
spot_img
spot_img
- Advertisement -

Tenable — the Exposure Management company, has disclosed that its Cloud Security Research Team has recently discovered that Kinsing malware, known for targeting Linux-based cloud infrastructures, is exploiting Apache Tomcat servers with new advanced stealth techniques.

Kinsing is a notorious malware family active for several years, primarily targeting Linux-based cloud infrastructure. Known for leveraging various vulnerabilities to gain unauthorised access, the threat actors behind the Kinsing malware typically deploy backdoors and cryptocurrency miners (cryptominers) on compromised systems. After infection, Kinsing uses system resources for cryptomining, which leads to higher costs and slower server performance.

Today Tenable has disclosed that Kinsing also attacks Apache Tomcat servers, and uses new techniques to hide itself on the filesystem, including utilising innocent and non-suspicious file locations for persistence.

Mr. Ari Eitan, Manager - Research, Tenable.
Mr. Ari Eitan, Manager – Research, Tenable.

“Cloud cryptomining has become an emerging trend in recent years, powered by the scalability and flexibility of cloud platforms,” said Mr. Ari Eitan, Manager – Research, Tenable. “Unlike traditional on-premises infrastructure, cloud infrastructure allows attackers to quickly deploy resources for cryptomining, making it easier to exploit. In this case, we’ve detected multiple Kinsing infected servers within a singular environment, including an Apache Tomcat server with critical vulnerabilities.”

Covered By: NCN MAGAZINE / Tenable

If you have an interesting Article / Report/case study to share, please get in touch with us at editors@roymediative.com , roy@roymediative.com9811346846/9625243429

- Advertisement -
spot_img
spot_img
spot_img