An unnaturally strong hack attacks have been sighted on multiple servers over the course of a couple of months. The discovery was made sometime last week, but the attacks have been happening for more than 2 months.
According to Guardicore Labs, which is a cybersecurity company, nearly 50,000 servers were affected over the course of these past two months with more than 700 victims every single day.
According to the company, the malware was directed towards the victims’ RAM in order to utilize it for personal cryptocurrency mining procedures. Most of the victims targeted were healthcare, telecom and media companies, as well as some IT agencies.
Guardicore managed to discover 20 payloads with malicious content, being spread around various servers and carrying a rootkit in order to prevent any deleting attempts.
Luckily the company contacted all the servers that were hosting the malicious software as well as the toolkit license provider and all of the issues have been resolved.
A hack attack like no other
However, Guardicore is trying to spread awareness across the crypto trading and cybersecurity community, because this was not just some hack attack. It was done through tools which official nation-wide hacker teams used. Like actual state commissioned developers working with state funding.
The attack was classified as Nansh0u, which is a popular method for accessing security protocols in various enclosed areas by militaries in countries such as the US and South Korea. To have it in the hands of independent hackers is a topic for concern, and highlights just how fast the malicious software use can spread without proper surveillance.
