The Latest Cryptojacking Malware on Microsoft Exchange Servers and How to Counter It
Updated · Feb 21, 2022
Microsoft Exchange users? Come closer.
Attackers are now targeting Microsoft Exchange servers by using cryptocurrency mining malware to exploit vulnerabilities. Interestingly, an attack on March 9th, 2021, corresponded with the latest Microsoft cycle update release date.
Why servers? Why not laptops or computers?
Well, servers such as Microsoft Exchange have a higher processing power. They allow the cryptojackers to comb the WorldWideWeb looking for machines to make use of. Afterward, they put them in a network to mine coins for them for free.
Microsoft released a report in mid-March warning users that the hack - which originated from China - is becoming commonplace worldwide. The company disclosed to Brian Kreb, a security expert, that it became aware of the issue back in January 2021.
They affect Exchange Server 2019, Exchange Server 2016, and Exchange Server 2013. They are as follows:
- CVE-2021-26855 - Servers trust unauthenticated servers using Server Side Request Forgery (SSRF)
- CVE-2021-26857 - Attackers combine stolen credentials with Exchange Unified Messaging Service (EUMS)
- CVE-2021- 26858 - Vulnerability involves the execution of remote code
- CVE -2021- 27065- Execution of remote code
The cryptojacking works by running Monero mining secretly. According to Andrew Brandt, a threat researcher, the currency is much easier to mine anonymously. In fact, statistics show that almost 5% of the coins in circulation are purely from cryptojacking.
The attack that leverages the ProxyLogon exploit takes advantage of the Exchange Servers to unload the altcoin. With the latest episode, it’s hard to trace the wallet owners. Unless, of course, the criminal uses a tremendous amount of processing power.
Deyan has been fascinated by technology his whole life. From the first Tetris game all the way to Falcon Heavy. Working for TechJury is like a dream come true, combining both his passions – writing and technology. In his free time (which is pretty scarce, thanks to his three kids), Deyan enjoys traveling and exploring new places. Always with a few chargers and a couple of gadgets in the backpack. He makes mean dizzying Island Paradise cocktails too.
Latest from Author
Your email address will not be published.