Atlassian Confluence Flaw Exploited to Install Cryptominers

Share post:

Security companies have reported that threat actors and researchers have actively scanned and exploited the Atlassian Confluence vulnerability.

The news comes just days after researchers publicly released a technical write-up on the vulnerability.

The Confluence Remote Code Execution vulnerability, known as CVE-2021-26084, allows an unauthenticated attacker to remotely execute commands on a vulnerable server.

While the cybersecurity intelligence company Bad Packets had used threat actors from different countries to download and execute PowerShell or Linux shell scripts, the investigation shows that the attacks are mainly to mine cryptocurrencies.

There are some additional concerns that the exploit could also be used for advanced attacks, including spreading the efforts through a network ransomware attack and data exfiltration.

Organizations running a Confluence Server are advised to install the latest updates as soon as possible.

For more information, read the original story in Bleeping Computer.

Featured Tech Jobs

SUBSCRIBE NOW

Related articles

Lawsuit requires Pegasus spyware to provide code used to spy on WhatsApp users

NSO Group, the developer behind the sophisticated Pegasus spyware, has been ordered by a US court to provide...

OpenAI claims New York Times manipulated ChatGPT “fabricate data”

OpenAI has challenged the New York Times' copyright lawsuit, asserting the newspaper manipulated ChatGPT to fabricate evidence. The...

Wendy’s leverages digital tech to test “surge pricing”

Wendy's is set to experiment with Uber-like surge pricing, a concept referred to as "dynamic pricing," starting in...

Meta is gathering data on Quest virtual reality users

Meta's latest policy update reveals plans to start collecting "anonymized" data from its Quest headset users, intensifying concerns...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways