Washington State educational organizations targeted in cryptojacking spree
Palo Alto Networks recently released an advisory warning that several recent crypto-jacking incidents have targeted education institutions in Washington State. Crypto-jacking is a type of cyberattack in which attackers use deception tactics to install cryptocurrency mining components that leech off of computational power without being noticed or detected. Different types of miner software is abused by attackers in this type of attack, and attackers attempt to generate cryptocurrencies such as Monero, Litecoin, Bitcoin, and Ethereum. Attackers typically compromise a large number of systems to make the attacks lucrative and bring in more cryptocurrency.
The first attack was spotted by cybersecurity researchers on February 16 and consisted of a malicious HTTP request sent to a domain owned by an educational establishment. Security teams originally thought that it was a trivial command injection vulnerability, however, they later discovered that it was a command for a web shell backdoor that attackers used to gain access to the institution’s network.