Emerging Threat: Hackers Exploit Misconfigured Cloud Services for Crypto Mining
Threat actors are targeting misconfigured and vulnerable servers running Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis services as part of an emerging malware campaign designed to deliver a cryptocurrency miner and spawn a reverse shell for persistent remote access.
By [Errraand News], March 13, 2024
In a worrying development, cybersecurity researchers have identified a new wave of cyberattacks targeting cloud infrastructure, leveraging vulnerabilities in commonly used services such as Apache Hadoop YARN, Docker, Atlassian Confluence, and Redis. These attacks, codenamed “Spinning YARN” by Cado Security, underscore the growing sophistication of threat actors in exploiting misconfigurations and vulnerabilities to deploy cryptocurrency miners and establish persistent access.