Example of how attackers are trying to push crypto miners via Log4Shell
released on 2021-12-27 @ 11:22:29 AM
While following Log4Shell's exploit attempts hitting our honeypots, the researcher came across another campaign trying to push a crypto miner on the victim’s machines. The previous campaign he analyzed used a simple post-exploitation Powershell script to download and launch the coin miner xmrig. The new one uses a .Net launcher to download, decrypt, and execute the binaries.