Check Point said last week that cryptocurrency miners from China were shifting their targets from the Windows platform to Jenkins servers, in what could be one of the world's largest malicious mining operations.
According to Check Point's tracking analysis, the hacker began running the XMRig mining program on different versions of Windows a year and a half ago to mine Monero, and has so far earned more than $3 million. The hacker is evidently not satisfied, because he is now extending his attack to Jenkins, the world's most popular open source Continuous Integration (CI) tool.
The hackers carry out the so-called JenkinsMiner attack by exploiting the CVE-2017-1000353 security vulnerability in Jenkins, a deserialization vulnerability affecting Altoros Jenkins for PCF earlier than 10.2. For months they have been using a remote access Trojan (RAT) and the XMRig mining program to exploit the vulnerability, affecting Jenkins users worldwide.
Check Point pointed out that JenkinsMiner will cause the Jenkins server to load more slowly, and that aggressive attacks could block the service.
It is estimated that about 25,000 Jenkins servers are currently exposed on the Internet. Jenkins is not the only target: Oracle WebLogic, Ruby on Rails, PHP, IIS and other servers have also become attack targets for more hackers because they offer more computing resources.