CyberNews Briefs

Millions of Email Servers at Risk from Cryptomining Worm

Cybereason warns that threat actors have started to exploit a recently patched critical vulnerability that still affects over 3.5 million Exim email servers around the globe. The researchers have spotted two campaigns.

In the first, threat actors were using a command and control (C2) server to target vulnerable devices with simple exploits. The second campaign is more advanced: it involves various types of malware payloads designed to establish persistence on compromised servers and to distribute malware to other vulnerable machines. The worm-like capability of the malware, which enables it to spread itself across the Internet, is especially worrisome.

Cybereason is urging system administrators to install patches on vulnerable Exim servers as soon as possible, and to remove any malware that may have already made its way onto their machines.


OODA Analyst
