Kinsing Malware Utilizes Apache ActiveMQ RCE to Deploy Rootkits

Summary:

The Kinsing malware operator is actively taking advantage of the critical vulnerability CVE-2023-46604 in Apache ActiveMQ, an open-source message broker. The vulnerability allows remote code execution, facilitating deployment of Kinsing malware   ( aka h2miner), which functions as a cryptocurrency miner.

Threat Level – Red | Attack Report

For a detailed threat advisory, download the pdf file here

To receive real-time threat advisories, please follow HiveForce Labs on LinkedIn.