HolesWorm Botnet exploiting known Windows/Linux vulnerabilities

Have you heard about crypto-mining botnets, which are used to mine cryptocurrencies?

The HolesWorm botnet is the latest in a long line of crypto-mining botnets that are making headlines these days. Since June, the HolesWorm crypto miner malware has been able to sneak into over 1,000 cloud hosts by taking advantage of more than 20 known vulnerabilities in Linux and Windows systems.

Tencent researchers initially discovered HolesWorm, which they dubbed the “King of Vulnerability Exploitation.”

Researchers identified that this malware has been exploiting vulnerabilities in the following software:

● Docker

● Jenkins

● Apache Tomcat

● Apache Struts

● Apache Shiro

● Apache Hadoop Yarn

● Oracle WebLogic

● Spring Boot

● Zhiyuan OA

● Panwei OA

● Yonyou GRP-U8

This malware targets out-of-date servers. Its authors are among the latest malware coders, and out-of-date targets like these are easy for them to exploit.

In addition to its crypto-mining function, this malware can also share passwords and usernames with hackers.

Adcy.io recommends that organizations get the necessary VAPT services immediately to find and eliminate all vulnerabilities before they are exploited.