According to a new ZDNet report, Blue Mockingbird, a group of cryptojackers, has managed to gain unauthorized access to enterprise systems in order to mine Monero, a popular privacy-focused cryptocurrency.
Denver-based cybersecurity technology company Red Canary claims that the group of hackers behind this most recent illegal mining campaign has been active since late 2019.
A widespread vulnerability
The report states that Blue Mockingbird is so far responsible for about 1,000 infections over a relatively short period of time.
However, the firm notes that the scope of the cryptojacking operation might be underestimated.
In order to infiltrate enterprise systems, the hackers behind Blue Mockingbird were able to exploit a rather common security vulnerability in the Telerik ASP.NET UI product.
Companies are encouraged to monitor their servers in order to detect a Blue Mockingbird attack early on.
Back in April, Hacker News reported that another botnet called ‘Vollgar’ had compromised thousands of Microsoft servers to mine Monero.
Monero as the source of monetization
Monero obfuscates information about the sender and the receiver of a transaction. This makes it the most popular choice with cryptojackers who have switched from energy-intensive Bitcoin to anonymity-focused altcoins.
Cybersecurity provider ESET revealed that cryptocurrencies became the main source of monetization for the Stantinko botnet, which has been around since 2012.
Recently, the Slovak firm also revealed new obfuscation techniques that are used by the botnet to bypass detection.
Usually, cryptojacking campaigns pick up pace in tandem with the price of Monero. This was the case last year, when the leading privacy coin reached $115 in the summer.