Cybersecurity researchers from F5 talked about a new method of hidden crypto currency extraction. This time hackers could get access to the free console torrent client rTorrent. Due to the vulnerability in the application, attackers could infect the users' computers with an application for the hidden mining of the Monero crypto currency.
According to experts, the attackers used the implementation feature in the torrent client of the XML-RPC protocol, in particular the included execute method, which allows executing an arbitrary shell -code on the target system.
You can infect a computer when a user navigates to a page controlled by intruders. If the rTorrent client is running on the computer, hackers install a program for extracting Montero crypto currency (XMR) through a vulnerability in it.
Cyber security experts advise rTorrent users to check the application for no external connections and bind the sockets of the program to the local host. In addition, XML-RPC functionality should be avoided if it is not the default installation, – SecurityLab cites recommendations.
During the use of the vulnerability for their own purposes, crackers were able to extract about 13 XMR, which in dollar terms is approximately four thousand.
Discuss this and other news in our high-tech telegram chat. All those who are interested in the subject of crypto currency, we invite to our special chat dedicated to this issue. Mining and iron lovers can talk here.