“New ScrubCrypt Crypter: A Stealthy Weapon in Cryptojacking Attacks on Oracle WebLogic”

March 9, 2023

Recently, a new type of crypter has been identified in a series of cryptojacking attacks targeting Oracle WebLogic servers. The infamous bitcoin mining organization known as 8220 Gang has been seen employing a unique crypter named ScrubCrypt to conduct its cryptojacking activities. It is highly effective at evading detection by security software, making it a formidable weapon for cybercriminals.

According to Fortinet FortiGuard Labs, the malware chain starts when vulnerable Oracle WebLogic systems are successfully exploited to install a PowerShell script that includes ScrubCrypt.

Cryptojacking is a form of cyberattack where attackers use the computing power of a victim’s machine to mine cryptocurrency. In the case of the recent attacks on Oracle WebLogic servers, the attackers were using the ScrubCrypt crypter to inject malware into the servers and then mine cryptocurrency using the server’s computing power.

Cryptojacking Attacks on Oracle WebLogic

According to security researchers, the ScrubCrypt crypter is unique in its ability to evade detection by security software. The crypter uses advanced obfuscation techniques to make the malware code challenging to detect and analyze. Additionally, the crypter can modify its code at runtime, making it even more difficult to detect and analyze.

The attacks on Oracle WebLogic servers are particularly concerning because large enterprises and organizations commonly use these servers. The attackers behind the recent attacks are believed to be using the compromised servers to mine cryptocurrency on a large scale, potentially netting significant profits.

In response to the attacks, security experts are urging organizations to take steps to secure their WebLogic servers. This includes keeping server software current, implementing strong password policies, and using security software capable of detecting and blocking ScrubCrypt and other crypters.
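The chain described above, a WebLogic server exploited to run a PowerShell script, shows up in process-creation telemetry as a script interpreter descended from the WebLogic JVM. The following is an added example, not code from the original article or from Fortinet's report; it assumes Sysmon Event ID 1 style field names, and every event in it is constructed.

```python
# Added example: flag script interpreters descended from a WebLogic JVM.
# Field names follow Sysmon Event ID 1; all events below are constructed.
import ntpath

INTERPRETERS = {"powershell.exe", "pwsh.exe", "cmd.exe",
                "wscript.exe", "cscript.exe", "mshta.exe"}

def _name(event):
    return ntpath.basename(event["Image"]).lower()

def is_weblogic_jvm(event):
    """Java process whose command line launches weblogic.Server."""
    return (_name(event) in {"java.exe", "javaw.exe"}
            and "weblogic.server" in event["CommandLine"].lower())

def find_suspicious_children(events):
    """Interpreter launches with a WebLogic JVM ancestor (time-ordered input; PID reuse ignored)."""
    by_pid, hits = {}, []
    for ev in events:
        by_pid[ev["ProcessId"]] = ev
        if _name(ev) not in INTERPRETERS:
            continue
        seen = {ev["ProcessId"]}  # guards against parent-pointer cycles
        parent = by_pid.get(ev["ParentProcessId"])
        while parent is not None and parent["ProcessId"] not in seen:
            if is_weblogic_jvm(parent):
                hits.append(ev)
                break
            seen.add(parent["ProcessId"])
            parent = by_pid.get(parent["ParentProcessId"])
    return hits

def _ev(pid, ppid, image, cmdline):
    return {"ProcessId": pid, "ParentProcessId": ppid,
            "Image": image, "CommandLine": cmdline}

SAMPLE_EVENTS = [  # constructed for illustration
    _ev(100, 4, r"C:\jdk\bin\java.exe", "java -Dweblogic.Name=AdminServer weblogic.Server"),
    _ev(200, 100, r"C:\Windows\System32\cmd.exe", "cmd.exe /c powershell -File sample.ps1"),
    _ev(300, 200, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe", "powershell -File sample.ps1"),
    _ev(50, 4, r"C:\Windows\explorer.exe", "explorer.exe"),
    _ev(400, 50, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe", "powershell"),
    _ev(500, 4, r"C:\jdk\bin\java.exe", "java -jar app.jar"),
    _ev(600, 500, r"C:\Windows\System32\cmd.exe", "cmd.exe /c dir"),
]

if __name__ == "__main__":
    for hit in find_suspicious_children(SAMPLE_EVENTS):
        print(hit["ProcessId"], hit["CommandLine"])
```

Legitimate administrative tooling can also start shells from the JVM, so baseline a server's normal child processes before alerting on this.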

While the ScrubCrypt crypter is a new and relatively unknown threat, experts warn that it is unlikely to be the last. As cybercriminals continue to develop new techniques and tools, organizations must remain vigilant and proactive in protecting themselves against cyberattacks.

Author bio

Hi there, my name is Aydan, and I share exciting information about cyber security and ethical hacking, a.k.a pen-testing.
