Atlassian Confluence重大漏洞遭到利用,攻擊者意圖挾持伺服器挖礦
支付動態 · 2024-09-02

研究人員針對今年初Atlassian修補的重大漏洞CVE-2023-22527提出警告,至少有3組駭客藉此攻擊Confluence伺服器,並將其用於挖掘加密貨幣

主要有3組人馬利用這項漏洞,其中一組特別引起他們的注意,因為駭客們使用Shell指令碼進行SSH連線,而能在受害伺服器的環境挖礦。

攻擊者下載Shell檔案,並從記憶體內透過bash開啟。研究人員對這個指令碼進行分析,指出一旦啟動,此指令碼會先清除已知的挖礦軟體處理程序,以及從特定資料夾執行的處理程序。

接著,指令碼將刪除所有cron工作排程,並新增C2連線的工作排程,每5分鐘檢查一次。此外,該指令碼還會移除阿里雲的資安防護機制Alibaba Cloud Shield、騰訊雲的映像檔案。

然後,攻擊者進一步收集所需的系統資訊,並透過SSH連線從事挖礦行為,這些駭客也透過SSH進行橫向移動,利用其他伺服器擴大挖礦的規模。最終攻擊者清除系統及bash的事件記錄檔案,抹去作案痕跡。

Popular articles
SBC Summit Canada to Make Player Safety a Key Pillar of 2026 Agenda
Marketing
Institutional Academy that exceeded expectations marked the opening of GAT CDMX
Online Game
Indiana online casino bill stalls in House committee
Regulation
Global Game Connect (GGC) 2027 Officially Opens Sponsorship & Exhibition Opportunities in Sri Lanka!
HUIDU Focus
What’s on the SBC Summit Conference Agenda in 2026?
Marketing
Are you ready to maximize your earnings? Try ProPush.me Constructor!
Marketing
British gambling levy rates confirmed for each vertical
Regulation
Kazakhstan plans to penalise online casino promotions
Regulation
1spin4win grows its Latin American presence by partnering with Fortuna Juegos
Online Game
Full House at GAT Expo Cartagena 2026 Academic Agenda
Online Game
JILI Partners with Cricket Legend AB de Villiers (ABD) to Launch Exclusive Branded Game Series 100% 11
Sports Game
Super PAC Raises $48 Million: Sports Betting Forces Ramp Up Political Push
Regulation
Zenith partners with HUIDU for 2026 World Cup Carnival Official Tour
Online Game
GAT Expo Puerto Rico Will Pulse with the New Era of Gaming in the Caribbean
Marketing
Vietnam’s Controlled Gaming Shift Gains Ground, But Domestic Demand Still Lags
Southeast Asia
Home
Game
Cooperation
Find
My