TeamCity vulnerability used for ransomware and cryptomining attacks

Hackers exploited a security vulnerability recently discovered in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons and the Spark RAT.

Specifically, hackers are using the vulnerability CVE-2024-27198 (CVSS score: 9.8), which allows them to bypass authentication and gain administrative control over affected servers.

“Intruders can then install malware that can communicate with the command-and-control (C&C) server and execute additional commands, such as deploying Cobalt Strike beacons and remote access trojans (RATs),” stated Trend Micro.

For example, hackers install ransomware to encrypt files and demand a ransom.

After the public disclosure of the vulnerability in TeamCity (earlier this month), attackers began to exploit it to install BianLian and Jasmin ransomware on victims' devices. In addition, the bug was used to install the XMRig cryptocurrency miner and the Spark RAT.

Given the above, organizations that rely on TeamCity for CI/CD processes are advised to update the software as soon as possible.

JetBrains TeamCity users face an increased risk of digital attacks, as attackers do not miss the opportunity to exploit vulnerabilities to install ransomware or cryptocurrency miners on their systems.

Moreover, exploitation of these weaknesses may lead to theft of sensitive data, such as personal information, copyrighted material and trade secrets, which may be used for illegal purposes.

The installation of Cobalt Strike and Spark RAT gives attackers remote access to users' systems, enabling them to control and manipulate these systems.

Finally, exploiting the vulnerability in TeamCity can seriously disrupt the functioning of systems, interrupting service provision and causing possible financial losses for businesses.

Source: thehackernews.com

Digital Fortress