VERY IMPORTANT

Attacks abusing cryptocurrency miners have been on an upswing — in large part due to the growing popularity of digital currencies. Based on data from our sensors that we deployed worldwide, we have observed a new attack that exploits two vulnerabilities in a popular database system to deliver miners (detected by Trend Micro as HKTL_COINMINE.GE, HKTL_COINMINE.GP, and HKTL_COINMINE.GQ) for the Monero cryptocurrency. In this instance, Apache CouchDB — an open source database management system designed to combine scalable architecture with an easy-to-use interface — is being targeted.