VERY IMPORTANT

F5 researchers recently noticed a new campaign exploiting a vulnerability in Microsoft Internet Information Services (IIS) 6.0 servers (CVE–2017–7269) in order to mine Electroneum crypto-currency. Last year, ESET security researchers reported that the same IIS vulnerability was abused to mine Monero, and install malware to launch targeted attacks against organizations by the notorious “Lazarus” group. Lazarus is widely believed to be North Korean government hackers. This new campaign shows that there are still systems vulnerable to this year-old vulnerability on an operating system that was declared End-of-Life (EOL) three years ago.