8220 Gang’s Heist: Exploiting Oracle WebLogic for Cryptomining

Threat Level – Red | Vulnerability Report
Download PDF

Summary:

The 8220 Gang, also known as Water Sigbin, has been aggressively targeting Oracle WebLogic servers to install cryptocurrency miners. Their sophisticated multi-stage loading technique efficiently deploys the PureCrypter loader and the XMRig crypto miner.
 

Threat Level – Red | Attack Report

What’s new on HivePro

Get through updates and upcoming events, and more directly in your inbox