Z0Miner
The Z0Miner malware is part of a new cryptocurrency mining botnet that targets old vulnerabilities in Jenkins and ElasticSearch servers. The vulnerabilities in question allow attackers to execute code remotely and thereby gain control over the compromised computers. Z0Miner is successful because of the large number of ElasticSearch and Jenkins servers running outdated software – one of the vulnerabilities dates back to 2015. Users who regularly update their software and maintain proper security measures should be safe from Z0Miner's attacks.
The infection vector aside, Z0Miner behaves just like a typical cryptocurrency miner. It initializes a modified copy of the XMRig miner and starts using the system's CPU resources to mine Monero. Of course, all profits are transferred to the attacker's wallet. Allowing a cryptocurrency miner to run on your computer may result in major performance issues, system overheating, and more. So far, the criminals behind the recent Z0Miner campaign have banked over 22 XMR, or about $4,600.
In the past, Z0Miner has been involved in attacks against WebLogic servers as well – in this campaign, the criminals also relied on older vulnerabilities that are only found in unpatched servers. Network administrators can keep their systems safe by using reputable security software and keeping the operating system and software up to date.