A group of hackers that specializes in infecting servers with cryptocurrency mining software has started disabling security software agents used in cloud environments to evade detection. Known as Rocke in the security industry, the group has been active since at least April 2018 and is known for exploiting critical vulnerabilities in web application frameworks and servers like Apache Struts, Oracle WebLogic and Adobe ColdFusion.
[ Get inside the mind of a hacker, learn their motives and their malware. | Sign up for CSO newsletters! ]
To read this article in full, please click here