月度归档:2020年10月

Bitcoin mining Malware analysis

0x01 mining Malware feature

1. maybe automation attack other servers and get server credentials and attack other servers again

2. Persistence control server credentials

0x02 The first mining malware script

example:
the attack exploits a flaw on WebLogic servers and executes system commands. eg: wget mining malware, it can kill other mining malware processes and write commands in crontab file. sometimes the script adds vulnerability exploit modules to infect other servers.