CVE-2023-46604 (Apache ActiveMQ) Vulnerability Exploited to Infect Systems With Cryptominers and Rootkits [Wednesday, November 22, 2023]


Description :
Trend Vision uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download the Kinsing malware (also known as h2miner) and a cryptocurrency miner onto Linux systems and infect them.

Published :
2023-11-22T14:28:15.780Z

Created :
2023-11-22T14:28:15.780Z

Modified :
2023-11-22T14:58:05.689Z

Tags

  • cryptominers
  • apache activemq
  • rootkits
  • cve-2023-46604

Indicators

IPv4s :
  • 194.38.22.53
  • 185.122.204.197
Hashes :
Attack Patterns :
  • T1014
  • T1210
  • T1496
  • T1105

About the author
Julien B.

Securitricks
