
Pro-Ocean Malware

Posted: January 29, 2021

Pro-Ocean is a piece of malware that specializes in executing crypto-jacking attacks against users worldwide. The threat is developed and used by an organized cybercrime group tracked under the alias Rocke Group. Their use of the Pro-Ocean Malware was first observed at the beginning of 2019, but the threat has been enhanced greatly since it was first identified. Recent updates to the Pro-Ocean Malware have added worm-like capabilities, as well as the ability to evade systems used for malware research.

The criminals are going after outdated, Internet-connected software like Apache ActiveMQ and Oracle WebLogic. The vulnerabilities they exploit date back to 2016 and 2017, so users who keep their software up-to-date are unlikely to be in danger from the Pro-Ocean Malware's attacks.

The Pro-Ocean Malware attack method is not surprising. Once it is deployed to a vulnerable computer, it removes other malware or cryptocurrency miners that might hoard computer resources. After this, it kills processes that consume too much CPU, thereby freeing up the computer's hardware for the Rocke Group's cryptocurrency miner.

The 'worm' module included in recent versions of the Pro-Ocean Malware works in a simple but effective manner. It grabs the infected system's IP and then tries to scan other IPs on the same subnet for exploitable vulnerabilities – this might allow the malware to discover other vulnerable systems on the same network.
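The same-subnet scanning described above leaves a recognizable trace in internal connection logs: one host contacting many distinct neighbours in a short time. The following is an added example, not code from the original page; the log format, the /24 subnet size, and the thresholds are assumptions, and the flow records are constructed.

```python
import ipaddress
from collections import defaultdict

def build_sample_flows():
    """Constructed flow records: 'epoch_seconds src_ip dst_ip dst_port'."""
    # One host touching 40 neighbours in 40 seconds (sweep-like pattern).
    flows = [f"{1000 + i} 10.0.5.200 10.0.5.{i} 7001" for i in range(1, 41)]
    # An ordinary host: two local peers and one external lookup.
    flows += ["1005 10.0.5.31 10.0.5.8 443", "1010 10.0.5.31 10.0.5.9 445",
              "1020 10.0.5.31 8.8.8.8 53"]
    # Many external destinations: busy, but not a same-subnet sweep.
    flows += [f"{1000 + i} 10.0.5.44 198.51.100.{i} 443" for i in range(1, 41)]
    return flows

def find_subnet_sweeps(lines, prefix_len=24, window=60, min_peers=20):
    """Map each source to its peak count of distinct same-subnet peers
    contacted within `window` seconds, keeping sources at or above min_peers."""
    events = defaultdict(list)
    for line in lines:
        parts = line.split()
        if len(parts) != 4:
            continue  # skip malformed records
        try:
            ts = int(parts[0])
            src = ipaddress.ip_address(parts[1])
            dst = ipaddress.ip_address(parts[2])
        except ValueError:
            continue
        subnet = ipaddress.ip_network(f"{src}/{prefix_len}", strict=False)
        if dst != src and dst in subnet:
            events[str(src)].append((ts, str(dst)))
    flagged = {}
    for src, evs in events.items():
        evs.sort()
        start, best, in_window = 0, 0, defaultdict(int)
        for ts, dst in evs:
            in_window[dst] += 1
            while evs[start][0] < ts - window:  # evict records older than the window
                old = evs[start][1]
                in_window[old] -= 1
                if in_window[old] == 0:
                    del in_window[old]
                start += 1
            best = max(best, len(in_window))
        if best >= min_peers:
            flagged[src] = best
    return flagged

if __name__ == "__main__":
    for host, peers in find_subnet_sweeps(build_sample_flows()).items():
        print(f"{host}: {peers} distinct same-subnet peers within 60 s")
```

Tune `window` and `min_peers` against normal traffic first, since monitoring servers and vulnerability scanners legitimately contact many neighbours.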

Naturally, the best way to keep your network safe from such intrusions is to keep your software up-to-date and to invest in reliable anti-virus software.
