Crypto-Mining Attack Targets Web Servers Globally

A new malware family is targeting web servers worldwide in an attempt to ensnare them into a crypto-mining botnet, security researchers have discovered. Dubbed RubyMiner, the threat was discovered last week, when it started launching massive attacks on web servers in the United States, Germany, United Kingdom, Norway, and Sweden. Within a single day, the attackers behind this malware attempted to compromise nearly one third of networks globally, Check Point revealed last week. The purpose of the attack, which is targeting both Windows and Linux servers, is to install a Monero miner by exploiting old vulnerabilities that have been published and patched in 2012 and 2013. The attackers weren’t looking for stealth compromise, but attempted to compromise a large number of vulnerable HTTP web servers as quickly as possible.