Operators of Cryptomining Botnet Hide Their Backup Communication Behind Bitcoin Blockchain Transactions
The attack chain begins with the exploit of remote code execution (RCE) vulnerabilities impacting software including Hadoop Yarn and Elasticsearch, such as CVE-2015-1427 and CVE-2019-9082.
