Security Vulnerability Hidden in Scarlett Johansson Image

28/12/2020

There is a new security vulnerability found by the community hidden in an image of the famous bombshell actress Scarlett Johansson. To make this more strange and intriguiging the image file of Scarlett contains embedded code which be used to start Monero Crypto Currency Mining!

The attack will target PostgreSQL databases, insert a stored function into the database, and then call this function to execute their exploit code. The code will execute from the system shell via the stored function and start doing reconnaissance on the victim system by looking for what type of GPU is installed on the system and might be used for crypto mining!!! After identified, the attacker can start cryptomining on the victim system and update their own account with the profits.

Imperva Notes In Their Report:

After logging into the database, the attacker continued to create different payloads, implement evasion techniques through embedded binaries in a downloaded image, extract payloads to disk and trigger remote code execution of these payloads. Like so many attacks we’ve witnessed lately, it ended up with the attacker utilizing the server’s resources for cryptomining Monero.

The security company Imperva was first to identify this vulnerability has written a detailed report about it.

Above Image and Quotes are provided by Imperva, please see the full report.

ONET IDC thành lập vào năm 2012, là công ty chuyên nghiệp tại Việt Nam trong lĩnh vực cung cấp dịch vụ Hosting, VPS, máy chủ vật lý, dịch vụ Firewall Anti DDoS, SSL… Với 10 năm xây dựng và phát triển, ứng dụng nhiều công nghệ hiện đại, ONET IDC đã giúp hàng ngàn khách hàng tin tưởng lựa chọn, mang lại sự ổn định tuyệt đối cho website của khách hàng để thúc đẩy việc kinh doanh đạt được hiệu quả và thành công.
Bài viết liên quan

Linux security Best Practices 2018

Security is a false feeling that if we are secure, we have a feeling that we are not secure and if have a feeling that we...
28/12/2020

Linus Torvalds Slams AMD CPU flaw security report

thumbnail courtesy of theinquirer.net The spectre and meldown security vulnerabilities have woken up the industry to potential...
28/12/2020

Does Linux Need Antivirus?

Linux has gained a good name for being secure enough, and resistant to many malwares out there. Some of the popular Linux...
28/12/2020
Bài Viết

Bài Viết Mới Cập Nhật

Reliable IPv4 and IPv6 Subnet Rental Services: The Perfect Solution for Global Businesses
23/12/2024

Tìm Hiểu Về Thuê Proxy US – Lợi Ích và Cách Sử Dụng Hiệu Quả
11/12/2024

Mua Proxy V6 Nuôi Facebook Spam Hiệu Quả Tại Onetcomvn
03/06/2024

Hướng dẫn cách sử dụng ProxyDroid để duyệt web ẩn danh
03/06/2024

Mua proxy Onet uy tín tại Onet.com.vn
03/06/2024