Cryptojacking Attack Campaign Against Apache Web Servers Using Cobalt Strike

AhnLab Security Emergency response Center (ASEC) is monitoring attacks against vulnerable web servers that have unpatched vulnerabilities or are being poorly managed. Because web servers are externally exposed for the purpose of providing web services to all available users, these become major attack targets for threat actors.

Major examples of web services that support Windows environments include Internet Information Services (IIS), Apache, Apache Tomcat, and Nginx. While the Apache web service is usually used in Linux environments, there are some …

ahnlab apache asec attack attacks campaign center cobalt cobalt strike cryptojacking emergency exposed major malware analysis managed monitoring purpose response security servers services strike threat threat actors unpatched vulnerabilities vulnerable web web servers web services