| Guided reading | At the end of February, hackers attacked more than 1,400 Apache Solr servers to install a cryptocurrency miner software. The attack on Apache Solr servers is similar to one that occurred in January, when hackers used unpatched Oracle WebLogic instances to install mining rigs to obtain the bitcoin alternative Monero. |
A remote code execution vulnerability is being exploited by Apache Solr attackers, and the Apache Software Foundation released a patch to patch the vulnerability in October. Solr is a widely used Apache program for building search functionality into websites. Marinho believes that the Sorl attackers and the team that installed the exploit software on Oracle WebLogic servers stole almost $226,000 on Monero.
Within nine days between February 28 and March 8, hackers leveraged 1,416 vulnerable Apache Solr servers to deploy the Monero XMRig miner software globally.
But only 722 WebLogic servers were previously attacked, suggesting that the Solr vulnerability has given attackers twice as many servers to mine cryptocurrency. In contrast to PCs, servers are generally attractive targets because they can run on powerful CPUs.
Not only that, but Marinho, chief research officer at Morphus Labs, also pointed out that IBM InfoSphere version 11.5, JBoss Data Grid versions 7.0.0, 7.1.0, JBoss Enterprise Application Platform (EAP) versions 6, 7, 7.0.8 and JBoss 6 Enterprise Portal Platform versions may also be vulnerable to this attack because hackers exploit vulnerabilities in shared libraries.
Provide the latest Linux technology tutorial books for free, and strive to do more and better for open source technology enthusiasts: http://www.linuxprobe.com/