"New Golang Worm Turns Windows and Linux Servers Into Monero Miners"
Researchers from Intezer released details about a new Golang-based worm that drops XMRig cryptocurrency miners on Windows and Linux servers. According to the researchers, the worm targets MySQL, Jenkins, Tomcat, WebLogic, and other public-facing services with weak passwords. The attackers behind this campaign have been actively updating the worm on its command-and-control (C2) server, indicating its continued maintenance. The worm is expected to hit more weak configured services in future updates. Security teams are advised to increase the complexity of passwords, limit login attempts, and enable two-factor authentication. Intezer researchers also urge security teams to minimize the use of public-facing services, keep software up to date, and use a cloud workload protection platform. This article continues to discuss the spread, capabilities, potential large-scale impact, and prevention of the new Golang worm.
SC Media reports "New Golang Worm Turns Windows and Linux Servers Into Monero Miners"