As bitcoin (BTC) and other digital assets keep growing in value and use case, cyberpunks are also upping their game with each passing day, formulating new ways of enriching themselves with ‘dirty crypto.’ In the latest scenario, hackers have found a way to seed cryptojacking malware, as well as other dangerous ransomware via a vulnerability in the Confluence software, according to a Trend Micro report on May 7, 2019.
As stated in the Trend Micro report, earlier in March 2019, Atlassian the creators of Confluence, an enterprise-grade collaboration software written in the Java programming language, published an advisory report on two critical security loopholes in the Confluence program: the WebDAV and Widget connector vulnerabilities.
At the time, Atlassian made it clear to users that threat actors could take advantage of the security hole to “remotely exploit a Server-Side Request Forgery (SSRF) vulnerability in the WebDAV plugin to send arbitrary HTTP and WebDAV requests from a Confluence Server or Data Center instance.”
For the uninitiated, a Collaborative software or groupware is an application software developed to help people involved in a common task to get their work done seamlessly.
Though the Atlassian team claim to have fixed the bug in March by releasing the Confluence Server and Data Center versions 6.15.1, 6.6.12, 6.12.3, 6.13.3 and 6.14.2 respectively, Trend Micro has revealed that hackers are still exploiting the vulnerability to seed the Gandcrab ransomware.
According to Alert Logic, hackers have been able to deploy an exploit code for the CVE-2019-3396 vulnerability,