Researchers from cybersecurity company F5 spoke about a new way of covert mining of cryptocurrency. This time hackers were able to access the free console torrent client rTorrent. Because before the application of the vulnerability, attackers could infect the users ‘ computers application for covert mining of cryptocurrency Monero.
According to Experts, the attackers used a feature implemented in the torrent client of the XML-RPC Protocol in particular is included the execute method, which allows to execute arbitrary shell code on the target system.
To infect the computer when the user navigates to the page controlled by the attackers. If when switching on the computer running the client for rTorrent, hackers installed through a vulnerability in the program for mining cryptocurrency Monero (XMR).
Cyber security specialists advise users rTorrent to test the application in the absence of external connections and to bind a socket program to a local host. In addition, the need to avoid the functionality of XML-RPC, if it is not a default setting — quoted recommendations SecurityLab.
During the exploitation of a vulnerability in their purposes, the burglars were able to get about 13 XMR, which in dollar terms is approximately four thousand.
To discuss this and other news in our high-tech telegram chat. Anyone interested in the topic of cryptocurrencies, welcome to our special chat on this issue. Fans of mining and iron can chat here.
New victim of the miners became a torrent client
Vyacheslav Larionov