Blogging Platform Ghost Successfully Fends off Cryptojacking Attack 

Almost everyone continues to face the threat of malware in one way or the other, and it’s been notably worse since the outbreak of the coronavirus. However, while many people have recorded financial losses due to these attacks, some have refused to give in. One of the latter is Ghost, an online blogging platform.

No Way in Here 

The firm announced earlier this week that its developers had successfully combated a crypto-malware attack that threatened to take advantage of their server infrastructures. 

In the release, the firm explained that they came across the attack at 1:30 AM on Sunday. The firm explained that the attackers targeted its Salt server backend infrastructure and managed to take control of their master server using an authentication bypass (CVE-2020-11651) and a directory traversal (CVE-2020-11652).

The attackers went on to try using the infrastructure to mine cryptocurrency – a process that immediately overloaded Ghost’s systems and CPU. Ghost’s developers found the anomaly in time and quickly went to work combating it. After a 4-hour battle, they successfully took the malware down and erased all its traces from their systems. 

Ghost confirmed that they would continue to run checks and cycle important credentials to ensure a full recovery. At the same time, the firm assured its customers and clients that the attackers weren’t able to make off with any valuable information.

Cryptojacking Begins to Ramp Up Amid COVID-19

As stated earlier, the threat of malware attacks has been more prominent since the outbreak of the coronavirus pandemic. With millions now forced to stay home, more hackers have found ways to profit off the agitation and ignorance of the public.

Last week, Tonya Ugoretz, a Deputy Assistant Director at the Federal Bureau of Investigation (FBI), said at a panel discussion that the FBI’s Internet Crime Complaint Center is now getting between 3,000 to 4,000 cybercrime complaints in a day – a 400 percent increase. 

While hacks, in general, appear to be on the increase, it’s worth noting that some haven’t been so prominent. Cryptojacking and ransomware attacks are a part of that trend. 

Still, there have been some prominent cryptojacking reports of late too. Early in April, researchers at Aqua Security confirmed that they had discovered a persistent cryptojacking campaign that targets 1,000 Docker servers every day with a Bitcoin miner. 

As the researchers explained, the malware is a Golang-based Linux agent, known as Kinsing. The malware reportedly exploits configuration errors in Docker API ports. Once it exploits the ports, it propagates and deploys a crypto miner on the host. 

Cybersecurity firm ESET also announced on April 23 that it had successfully disrupted the operations of a Monero-mining botnet in Latin America. The company added that the botnet had infected 35,000 victims since May 2019 – 90 percent of whom are in Peru. 

The botnet, which ESET eventually named Victory Gate, reportedly propagates through external USB drives. The security firm also confirmed that it would work with the Shadowserver Foundation, a non-profit, to share sinkhole logs and try to mitigate VictoryGate’s threat.

Top brokers for buying and trading cryptocurrencies

  • Platform
  • Features
  • Rating
  • Visit Site
  • US-Friendly
  • Paypal accepted
  • 12+ cryptocurrencies

Visit Site
75% of retail investors lose money.
eToro Reviews

    eToro Reviews your account
    Hide eToro Reviews
    • Best broker for non-US countries
    • Trade crypto CFDs, forex and stocks
    • No withdrawal or deposit fees

    Visit Site
    80.5% of retail investors lose money.
    Plus500 Reviews

      Plus500 Reviews your account
      Hide Plus500 Reviews
      Remember, all trading carries risk. Past performance is no guarantee of future results.

      Jimmy has been following the development of blockchain for several years, and he is optimistic about its potential to democratize the financial system.