Blue Mockingbird, a codename that infects enterprise systems
By MYBRANDBOOK
Blue Mockingbird, a hacker group is believed to infect thousands of enterprise systems, with a cryptocurrency mining malware. Malware analysts from cloud security firm Red Canary spotted this malware early this month, but the Blue Mockingbird group has been active since December 2019.
According to the researchers the Blue Mockingbird attacks public-facing servers that run on ASP.NET apps using the Telerik framework for their user interface (UI) component.
The hackers exploited the vulnerability dubbed as CVE-2019-18935 to insert a web shell on the attacked server. A version of the Juicy Potato technique was used to get admin-level access and modify server settings to obtain (re)boot persistence.
On attaining complete access to a system, the gang downloaded and installed a version of XMRRig, which is a popular cryptocurrency mining app for the Monero (XMR) cryptocurrency.
According to the ex gh weakly-secure RDP (Remote Desktop Protocol) or SMB (Server Message Block) connections.
The researchers do not have full details about the botnet’s operations, yet they believe that the botnet must have made at least 1,000 infections so far. They say that the number of companies affected could be much higher, and even companies that are considered to be safe are also at risk of attack.
The vulnerable Telerik UI component might be part of ASP.NET applications that are running on their latest versions. But the Telerik component might be outdated posing risk to the companies.
The Telerik UI CVE-2019-18935 vulnerability has been listed as one of the most exploited vulnerabilities used to plant web shells on servers.
In cases where the organizations do not have an option to update their vulnerable apps, they must ensure that they block exploitation attempts for CVE-2019-18935 at their firewall level. And if they do not have a web firewall, they must check for a compromise at the server and workstation level.
BREAKING NEWS
TECHNO TRENDS
BHIM to join e-commerce, competing with PhonePe and Google Pay
The government-supported payment software BHIM is getting ready to join t...
The latest version of X helps prevent deepfakes on social medi
To combat deepfakes and shallowfakes, Elon Musk revealed a new update t...
India and Namibia collaborate on a payment system similar to U
Once operational, the platform will enable digital transactions in Namibia,...
Sebi issues show-cause notices to six Adani group firms
Sebi issued show-cause notices to six Adani Group firms, including Adani ...
E-Magazine
TECHNOTAINMENT
Airtel Xstream Play strengthens regional content library, part
Bharti Airtel (“Airtel”), one of India’s leading telecommunications
ED attaches Raj Kundra, Shilpa Shetty’s Rs 97 crore worth as
The Enforcement Directorate (ED) has seized businessman Raj Kundra's pro
MOVERS & SHAKERS
Saviynt ropes in Sanjeevi Kumar as new Sales Director in India
The cloud-native identity and governance platform solutions provider Saviy
UiPath ropes in Raghu Malpani as Chief Technology Officer
UiPath has announced Raghu Malpani as Chief Technology Officer. Malpani w
OPEN YOUR EYES
INTERVIEWS
Elastic democratizing search with powerful AI and ML-enabled s
Elastic is always committed to staying ahead of the curve and constantly re
CommScope celebrates its 25 years of legacy in India by contin
A strong brand must also reflect the company values and speak exactly what
HOT PICK
COLORFUL rolls out an array of gaming laptops
COLORFUL launched its incredible series of COLORFUL EVOL P15 gaming laptop
Dell Technologies launches new AI-powered commercial PC portfo
Dell Technologies has launched the broadest portfolio of commercial AI lap
MAKE IN INDIA BRANDS
HP INDIA SALES PVT. LTD.
LUMINOUS POWER TECHNOLOGIES PVT. LTD.
LENOVO GROUP LTD.
FIREBOLTT
EMINENT CIO'S OF INDIA
ICONS OF INDIA
Technology Icons Of India 2023: Gautam Adani
Gautam Adani is the Founder and the Chairman of the Adani Group, an In...
Technology Icons Of India 2023: Byju Raveendran
Byju Raveendran is the founder of edutech start-up Byju’s. Raveendra...
Technology Icons Of India 2023: Rishad Premji
Rishad Premji is the son of the Wipro head Azim Premji and was named a...
PARTNER SPEAKERS
PSU
EESL encouraging e-mobility adoption across India
Energy Efficiency Services Limited (EESL) is a Super Energy Service Co...
Aadhaar: Architecting the World's Largest Biometric Identity System
The Unique Identification Authority of India (UIDAI) is a statutory au...
New defence PSUs will help India become self-reliant
MIL, India’s biggest manufacturer and market leader is engaged in Pr...
VIDEOS
Top 25 Brands
Value-Added Distribution
SATCOM INFOTECH PVT. LTD.
Satcom Infotech Pvt. Ltd is a distribution houses in security in India...
INGRAM MICRO INDIA PVT. LTD.
Ingram Micro India, a large national distributor offers a comprehensiv...
EXCLUSIVE NETWORKS SALES INDIA PVT. LTD.
Exclusive Networks is a globally trusted cybersecurity specialist hel...
ITFORUM 2024
WIITF 2024
CMO of the Year
WOMEN LEADERSHIP
EMINENT CIO's OF INDIA
TRENDS IN TECHNOLOGY
MORE VIDEOS
ADVERTISEMENTS
TECHNOLOGY DISRUPTION
UNICORNS REVOLUTIONISING
