Rocke Group Actively Targeting the Cloud: Wants Your SSH Keys
released on 2021-04-08 @ 07:28:51 PM
Intezer Labs has found a new malware variant developed by Rocke Group that infects other machines in the network using saved SSH keys and weak passwords. It also exploits vulnerabilities in popular platforms and services such as Jenkins, Redis and ActiveMQ. Once the victim is infected, a Monero cryptominer is executed.