The cryptomining trojan z0Miner has been taking advantage of the Atlassian's Confluence remote code execution (RCE) vulnerability assigned as CVE-2021-26084. Given the increasing popularity of the cryptocurrency market, we expect malware authors behind trojans like z0Miner to constantly update the techniques and entry vectors they use to gain a foothold within a system. This trojan was initially observed exploiting Oracle's WebLogic Server RCE, CVE-2020-14882, late last year. Since then, z0Miner has been gaining attention by utilizing different unauthorized RCE vulnerabilities, such as the ElasticSearch RCE bug, aka CVE-2015-1427.
Login to the community
No account yet? Create an account
LoginCUSTOMER / CYMULATE EMPLOYEE LOGIN
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.