Hackers Harnessed Ghost Servers for Mining Cryptocurrency

Tuesday, 05/05/2020 | 22:39 GMT by Aziz Abdel-Qader
  • Ghostb confirmed it has been hacked as attackers abused the vulnerabilities in popular infrastructure tool Salt.
Hackers Harnessed Ghost Servers for Mining Cryptocurrency
Reuters

Popular blogging platform Ghost and tech firms LineageOS and Digicert were the latest victims of cryptomining attacks, a kind of malware that harnessed their computing powers for mining Cryptocurrencies .

Ghost confirmed it had been hacked as attackers abused the vulnerabilities in popular infrastructure tool Salt and gained access to the Ghost (Pro) sites and Ghost.org billing services.

The open-source platform, which has more than 2 million installs and 750,000 registered users, said its developers quickly detected flaws in the Salt configuration management framework. The mining attempt spiked CPUs and quickly overloaded most of their systems, which alerted us to the issue immediately.

Ghost, which counts big names customers such as Mozilla, NASA, and DuckDuckGo, said customer information and user credentials weren’t infiltrated during the incident.

“All traces of the crypto-mining virus were successfully eliminated yesterday, all systems remain stable, and we have not discovered any further concerns or issues on our network. The team is now working hard on remediation to clean and rebuild our entire network,” the company said on its status page.

The developer of Salt, Saltstack, has introduced two updates to address the vulnerabilities in its tool, which is widely used by data centers and in cloud-based environments for server configuration and monitoring.

Ghost's cloud isn’t the first to be hacked by cryptocurrency miners. Several businesses and government agencies have fallen victim to Cryptojacking attacks over the past few years.

Virginia-based bank Capital One revealed in July that more than 100 million of its customers had their personal data exposed in a hack. The hack also affected 6 million in Canada, and the leaked data was used for hijacking the resources of comprised machines to solve mathematical problems and collect cryptocurrency rewards.

Cryptojacking, which is also known as cryptomining malware or coinjacking, has become a rampant practice. As Finance Magnates previously reported, instances of such malware have shot up over the last two years, leading commentators to warn of an epidemic.

Popular blogging platform Ghost and tech firms LineageOS and Digicert were the latest victims of cryptomining attacks, a kind of malware that harnessed their computing powers for mining Cryptocurrencies .

Ghost confirmed it had been hacked as attackers abused the vulnerabilities in popular infrastructure tool Salt and gained access to the Ghost (Pro) sites and Ghost.org billing services.

The open-source platform, which has more than 2 million installs and 750,000 registered users, said its developers quickly detected flaws in the Salt configuration management framework. The mining attempt spiked CPUs and quickly overloaded most of their systems, which alerted us to the issue immediately.

Ghost, which counts big names customers such as Mozilla, NASA, and DuckDuckGo, said customer information and user credentials weren’t infiltrated during the incident.

“All traces of the crypto-mining virus were successfully eliminated yesterday, all systems remain stable, and we have not discovered any further concerns or issues on our network. The team is now working hard on remediation to clean and rebuild our entire network,” the company said on its status page.

The developer of Salt, Saltstack, has introduced two updates to address the vulnerabilities in its tool, which is widely used by data centers and in cloud-based environments for server configuration and monitoring.

Ghost's cloud isn’t the first to be hacked by cryptocurrency miners. Several businesses and government agencies have fallen victim to Cryptojacking attacks over the past few years.

Virginia-based bank Capital One revealed in July that more than 100 million of its customers had their personal data exposed in a hack. The hack also affected 6 million in Canada, and the leaked data was used for hijacking the resources of comprised machines to solve mathematical problems and collect cryptocurrency rewards.

Cryptojacking, which is also known as cryptomining malware or coinjacking, has become a rampant practice. As Finance Magnates previously reported, instances of such malware have shot up over the last two years, leading commentators to warn of an epidemic.

About the Author: Aziz Abdel-Qader
Aziz Abdel-Qader
  • 4984 Articles
  • 31 Followers
About the Author: Aziz Abdel-Qader
  • 4984 Articles
  • 31 Followers

More from the Author

CryptoCurrency

!"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|} !"#$%&'()*+,-./0123456789:;<=>?@ABCDEFGHIJKLMNOPQRSTUVWXYZ[\]^_`abcdefghijklmnopqrstuvwxyz{|}