OMIGOD: Microsoft Azure VMs Exploited to Drop Mirai, Miners

Share post:

Researchers have found that threat actors exploit Azure OMIGOD, a group of four vulnerabilities in the Open Management Infrastructure (OMI) that provide scope for privilege escalation and remote code execution.

Wiz researchers who first discovered the bugs noted that they may affect thousands of Azure customers and millions of endpoints.

The first attacks were discovered by security researchers, who showed that a Mirai botnet was behind some of the exploit attempts against Azure Linux OMI endpoints, which are vulnerable to CVE-2021-38647 RCE exploits.

In analyzing the botnet, digital forensics company Cado Security noted that it “also closes the ports of the vulnerabilities it exploited to stop other botnets taking over the system.”

Among the steps customers should take to mitigate the risk, Microsoft said: “While updates are being rolled out using safe deployment practices, customers can protect against the RCE vulnerability by ensuring VMs are deployed within a Network Security Group (NSG) or behind a perimeter firewall and restrict access to Linux systems that expose the OMI ports (TCP 5985, 5986, and 1207).”

For more information, read the original story in Bleeping Computer.

SUBSCRIBE NOW

Related articles

Hertz Data Breach Exposes Customer Information via Supply Chain Hack

Hertz has disclosed a data breach resulting from a cyberattack on its vendor, Cleo Communications, which compromised sensitive...

Google’s New Security Feature – Automatic Reboot

Google is introducing a new security feature in its latest Android update that will automatically reboot phones and...

Cybersecurity Firm Prodaft Buys Hacker Forum Accounts to Monitor Cybercriminal Activity

Swiss cybersecurity company Prodaft has initiated a program to purchase verified and aged accounts on hacking forums, aiming...

Operation Endgame: Burnaby, BC Resident Arrested As Cops Go After Individual Hackers

As part of Operation Endgame, international law enforcement agencies have arrested a Burnaby, British Columbia resident accused of...

Become a member

New, Relevant Tech Stories. Our article selection is done by industry professionals. Our writers summarize them to give you the key takeaways