Security researchers at Imperva have spotted a new generation of cryptojacking attacks dubbed RedisWannaMine that targets Windows database and application servers. The campain also leverages the leaked NSA exploit EternalBlue to exploit vulnerable Windows systems.Â
According to Imperva, the latest attacks are more complex in terms of evasion techniques and capabilities and demonstrate “a worm-like behavior combined with advanced exploits to increase the attackers’ infection rate and fatten their wallets.”
Imperva further recorded a remote code execution (RCE) attack that exploited CVE-2017-9805, a vulnerability in Apache Struts2 that impacts the Struts REST plugin with XStream handler.