New malware is making the rounds. It is called Kitty and leaves a cheeky note for cat lovers.
It seems crypto jackers are getting into the habit of leaving cheeky notes to their victims.
Researchers at Imperva’s Incapsula said a new piece malware called Kitty leaves a note for cat lovers. It attacks the Drupal content management system (CMS) to illegally mine cryptocurrency Monero.
A part of the blog post reads:
“Lastly, to win over kitty lovers’ hearts, the attacker cheekily asks to leave his malware alone by printing ‘me0w, don’t delete pls i am a harmless, cute little kitty, me0w’.”
The discovery of the Kitty malware came a month after the publication of the Drupalgeddon 2.0 exploit. A remote code execution vulnerability in Drupal versions 7.x and 8.x allows hackers to use several attack methods to infiltrate Drupal websites. Once the sites are compromised, crypto jackers can scan, conduct backdoor implementation and mine cryptocurrency, hijack accounts, and steal data.
The researchers added:
“During the inspection of the attacks blocked by our systems, we came across the ‘Kitty’ malware, an advanced Monero cryptocurrency miner, utilizing a ‘webminerpool’, an open source mining software for browsers. Once the Kitty bash script is executed, a PHP file named ‘kdrupal.php’ is written to the infected server disc. In doing so, the attacker reinforces their foothold in the infected server and guarantees dominance using a backdoor independent of the Drupal vulnerability.”
“In doing so, the attacker infects any future visitor on the infected web server sites to mine cryptocurrency for his disposal,” Incapsula pointed out.
Cheeky crypto jackers
On Wednesday, we reported about an interesting conversation between Timothée Jeannin, a developer at screenshot API service provider ApiLeap, and a crypto jacker who not only advised Jeannin to update domain security but also asked for a job, apparently gaining confidence from the fact that he was able to breach the security protocol.
There was also the hacker who attacked the LA Times to mine digital currencies using the electronic gadgets of visitors to the newspaper website. He left a cheeky note telling the developers to fix their vulnerability “before a bad guy finds it.”