MY BRAND BOOK Blue Mockingbird, a codename that infects enterprise systems

Blue Mockingbird, a codename that infects enterprise systems

By MYBRANDBOOK

Blue Mockingbird, a hacker group is believed to infect thousands of enterprise systems, with a cryptocurrency mining malware. Malware analysts from cloud security firm Red Canary spotted this malware early this month, but the Blue Mockingbird group has been active since December 2019.

According to the researchers the Blue Mockingbird attacks public-facing servers that run on ASP.NET apps using the Telerik framework for their user interface (UI) component.

The hackers exploited the vulnerability dubbed as CVE-2019-18935 to insert a web shell on the attacked server. A version of the Juicy Potato technique was used to get admin-level access and modify server settings to obtain (re)boot persistence.

On attaining complete access to a system, the gang downloaded and installed a version of XMRRig, which is a popular cryptocurrency mining app for the Monero (XMR) cryptocurrency.

According to the ex gh weakly-secure RDP (Remote Desktop Protocol) or SMB (Server Message Block) connections.

The researchers do not have full details about the botnet’s operations, yet they believe that the botnet must have made at least 1,000 infections so far. They say that the number of companies affected could be much higher, and even companies that are considered to be safe are also at risk of attack.

The vulnerable Telerik UI component might be part of ASP.NET applications that are running on their latest versions. But the Telerik component might be outdated posing risk to the companies.

The Telerik UI CVE-2019-18935 vulnerability has been listed as one of the most exploited vulnerabilities used to plant web shells on servers.

In cases where the organizations do not have an option to update their vulnerable apps, they must ensure that they block exploitation attempts for CVE-2019-18935 at their firewall level. And if they do not have a web firewall, they must check for a compromise at the server and workstation level.

BREAKING NEWS

Elon Musk Merges X with xAI in $33 Billion Stock Deal...

Elon Musk has made waves once again by merging X (formerly Twitter) with...

India Strengthens Electronics Supply Chain with ₹22,919 Cr Manu...

The scheme aims to attract an investment of INR 59,350 Cr, resulting in pro...

Govt Drops Import Duty making EV Batteries cheaper...

The Centre is taking measures to counter the impact of US President Donald ...

CERT-In’s New Advisory Unveils Hidden Cyber Threats...

The advisory highlights critical vulnerabilities in AI models, outlines mul...

TECHNO TRENDS

Legal Battle Over IT Act Intensifies Amid Musk’s India Plans

The outcome of the legal dispute between X Corp and the Indian government c...

Wipro inks 10-year deal with Phoenix Group's ReAssure UK worth

The agreement, executed through Wipro and its 100% subsidiary,...

Centre announces that DPDP Rules nearing Finalisation by April

The government seeks to refine the rules for robust data protection, ensuri...

Home Ministry cracks down on PoS agents in digital arrest scam

Digital arrest scams are a growing cybercrime where victims are coerced or ...

E-Magazine

TECHNOTAINMENT

For 2nd Time, Kaspersky announced Mumbai Indians’ Official C

Hrithik Roshan to endorse RuPay as Brand Ambassador

RuPay is reportedly planning to feature Bollywood superstar Hrithik Rosha

India Today Group launches – AI Pop Stars

Staying true to our industry leadership position in using cutting-edge tech

MOVERS & SHAKERS

Cloudflare Promotes Goran Risticevic as VP & MD for APAC

TelioLabs ropes in Phaniraj V A as the Group CEO

TelioLabs has announced the onboarding of Phaniraj V A as its new Group CE

Wipro Appoints Amit Kumar as Managing Partner and Global Head

Wipro Limited (NYSE: WIT, BSE: 507685, NSE: WIPRO), a leading technology s

OPEN YOUR EYES

Opportunities For Technological Disruption In Times Of Crisis

India's IT industry has moved nearly two thirds of its 4.36 million workforces to work from home

We have to continue our efforts to drive the country

Entire communications is moving towards Webinar :Age of Discovery

Brands across the board are reinventing strategies to bring back customers

INTERVIEWS

Cisco building a trusted and resilient future for the nation

AMD Pensando driving innovation in the DPU architecture space

AMD Pensando stands out in the DPU (Data Processing Unit) market with its u

Acer addresses evolving customer needs by consistently pushing

Acer offers a comprehensive range of products under one roof, including des

HOT PICK

ASUS ExpertCenter P500 Mini Tower Desktop PC's launched in Ind

MSI Announces the availability of RTX 50 series of laptops in

MSI, the innovative computing manufacturer in gaming, creator

Nothing Phone (3a) goes on sale today, starting at Rs 19,999

The phone was launched on March 4, featuring a 50MP main, ultra-wide, and t

MAKE IN INDIA BRANDS

GLOBUS INFOCOM LTD.

POLYCAB INDIA PVT. LTD

FIRE BOLTT

INFOSYS TECHNOLOGIES PVT. LTD.

EMINENT CIO'S OF INDIA

AI SYSTEMS ARE ENABLING A SEISMIC SHIFT IN THE WORLD OF CYBERSECURITY

AI’s analytical prowess enables it to analyze an...

AIM TO PUT IA SOLUTIONS WITH A WIDE “GENERAL INTELLIGENCE” SCOPE INTO PRACTICE

Our firm is fortunate to be led by distinguished i...

AI TO IMPROVE INSIGHTS THROUGH AUGMENTED ANALYTICS, WHILE EDGE COMPUTING TO ALLOW REAL-TIME PROCESSING

For the fiscal year 2024-25, our organization has ...

ICONS OF INDIA

Icons Of India : Harsh Jain

Harsh Jain, the co-founder of Dream 11, the largest fantasy sports web...

ICONS OF INDIA : VIJAY SHEKHAR SHARMA

Vijay Shekhar Sharma is an Indian technology entrepreneur and multimil...

ICONS OF INDIA : RISHAD PREMJI

Rishad Premji is Executive Chairman of Wipro Limited, a $11.3 billion ...

PARTNER SPEAKERS

A Trusted IT Partner Renowned For Reliability, Expertise, and Customer-Centricity

Fast paced changes in digital technology and constant innovations are impactin...

Ensuring Mutual Success By Aligning Partner's Needs

The IT industry is one of the most dynamic industries. Here, not only does the...

Regaining its Technical Aura By Resonating Consistency & Reliability

Brand awareness metrics and KPIs help TDM Networks to monitor and analyze the ...

PSU

STPI - Software Technology Parks of India

STPI promotes and facilitates the growth of the IT and ITES industry i...

C-DOT - Center of Development of Telematics

India’s premier research and development center focused on telecommu...

ITI - ITI Limited

ITI Limited is a leading provider of telecommunications equipment, sol...

VIDEOS

Top 25 Brands

Most Trusted Brands 2024: GOOGLE

Google has a long history of technological innovation across various domains, ...

Most Trusted Brands 2024 : Cisco Systems Inc

Cisco positions itself as the company that connects people, devices, and data,...

HEWLETT PACKARD ENTERPRISE COMPANY (HPE)

HPE is an edge-to-cloud company with offerings spanning Cloud Services, Comput...

Global Indian industry

Indian Tech Talent Excelling The Tech World - ARVIND KRISHNA, CEO – IBM

Arvind Krishna, an Indian-American business executive, serves as the C...

Indian Tech Talent Excelling The Tech World - AJAY BANGA, President - World Bank

Ajay Banga is an Indian-born American business executive who currently...

Indian Tech Talent Excelling The Tech World - Sanjay Mehrotra, CEO- Micron Technology

Sanjay Mehrotra, the President and CEO of Micron Technology, is at the...

ITFORUM 2025

STARNITE AWARDS 2024

CMO of the Year

WOMEN LEADERSHIP

IMAGE GALLERY

TRENDS IN TECHNOLOGY