Hackers have been taking advantage of a serious vulnerability in older versions of Rejetto’s HTTP File Server to plant Monero mining malware and other harmful software. According to reports from cybersecurity company AhnLab, the exploit targets HFS versions up to and including 2.3m, enabling cybercriminals to remotely execute commands without needing authentication.
This vulnerability has enabled hackers to carry out various malicious activities, with instances of deploying malware such as XMRig for Monero mining and remote access trojans like XenoRAT and Gh0stRAT. The exact scale of these attacks and the amount of Monero mined are still uncertain, but the threat is significant.
To address the issue, Rejetto has urged users to steer clear of versions 2.3m through 2.4, labeling them as unsafe and advising against their use. Cybercriminals prefer XMRig for Monero mining due to the cryptocurrency’s strong privacy features, making transactions hard to track. XMRig is also known for its efficiency on different hardware and its ability to operate quietly in the background, evading detection.
It is crucial for users of HTTP File Server to update to the latest version to protect themselves from potential exploitation. Regularly updating software is essential in safeguarding against known vulnerabilities and keeping systems secure from cyber threats. In addition, implementing strong security measures such as multi-factor authentication and network monitoring can help prevent unauthorized access and data breaches.
It is important for organizations and individuals alike to stay vigilant against cyber threats and take proactive steps to enhance their cybersecurity posture. By staying informed about the latest vulnerabilities and adopting best practices for cybersecurity, users can reduce the risk of falling victim to malicious attacks. Remember, prevention is always better than dealing with the aftermath of a cyber incident.