Skip to Content

8220 gang

Updated on 2022-10-17

SentinelOne said last week that 8220 Gang, an infamous cybercrime group that is known for targeting cloud-based infrastructure for cryptomining attacks, has updated its infrastructure and attack methods and is now targeting misconfigured versions of Docker, Apache, and WebLogic servers. In a previous report in July, SentinelOne said the gang infected more than 30,000 cloud servers by exploiting known vulnerabilities and via brute-force attacks. Read more:

Overview

Microsoft has a Twitter thread on the recent activities of the 8220 Gang, a cryptocurrency-mining group active since early 2021. Microsoft says the group has been recently seen exploiting vulnerabilities like CVE-2022-26134 (Confluence) and CVE-2019-2725 (WebLogic) for initial access against Linux systems, confirming similar observations from Check Point earlier this month.

Tags

Tags

    Ads Blocker Image Powered by Code Help Pro

    Ads Blocker Detected!!!

    This site depends on revenue from ad impressions to survive. If you find this site valuable, please consider disabling your ad blocker.