1000 Computers, Hacked to Mine Monero


The Blue Mockingbird hacker group has hacked at least 1,000 computers since December 2019 and uses them to mine Monero (XMR). The hackers specifically target publicly accessible server computers running ASP.NET applications. Exploiting the CVE-2019-18935 vulnerability, they then plant a "web shell". The hackers use Juicy Potato techniques to access Windows and web browsers.
After gaining access to the server computer, the hackers download and install XMRig, the popular Monero mining application. If the server computer is connected to the company's internal network, the hackers can then use all the computers on that network to mine,