Cybercriminals are delivering Monero-mining malware designed to turn entire systems into mining bots via a Drupal vulnerability that was patched back in April of this year.
Trend Micro researchers observed a series of network attacks during which threat actors were exploiting CVE-2018-7602, a remote code execution (RCE) vulnerability affecting Drupal versions 7 and 8, according to a June 21 blog post.
An attacker who has successfully exploited this vulnerability has elevated the permission to modify or delete the content on the Drupal run site. Researchers noted that while attackers are exploiting the vulnerability to mine cryptocurrency now, it could be used as a doorway to other threats.
Read more from SC Media