
Bug Hunter Nitesh Surana Discovers Crypto-mining Botnet Inside a Web Server of US DOD

By Tokenhell.com | Tokenhell | 7 Feb 2020


The crypto-mining botnet was residing inside a DOD web server. After discovering it, Indian security researcher Nitesh Surana reported the issue to the DOD through its official bug bounty program. According to the report, one of the DOD’s Jenkins servers was infected by the crypto-mining botnet.

Full access to Jenkins server was open to everyone

The bug report concerned a misconfigured Jenkins automation server. The server runs on AWS (Amazon Web Services) and is connected with the DOD domain.

Nitesh Surana says that complete access to the Jenkins server was open to everyone. No login credentials were needed to access the Jenkins server, and even access to the filesystem was possible. According to the security researcher, a part of Jenkins’ installation/script folder was also available to everyone. Users upload their content and files to this folder.

He said that an attacker could install a backdoor in this folder and might upload malicious files into it. He warned the DOD that by doing this, the attacker could take control of the Jenkins server.

Researcher claims server was already hacked before his report

The bug hunter informed the Department of Defense (DOD) that the Jenkins server had already been hacked before he discovered it. He learned this while re-checking his findings.

While tracking down the clues, Nitesh Surana discovered a malware operation that specializes in hacking cloud servers and installing Monero-mining malware. The crypto-mining botnet used a Monero wallet address to collect funds, so ZDNet tried to look up this address. According to Google results, there were tens of mentions of this address.

The XMRHunter service also showed that this Monero address held almost 35.4 Monero coins. So it was unlikely that it could be confirmed that this botnet operation was being run through this address.

Official bug bounty program of DOD

The US Department of Defense (DOD) has run an official bug bounty program on the HackerOne platform for many years. The bug hunter used this platform to inform the DOD about the crypto-mining botnet.

The Indian security researcher also said that the case was made public, and revealed that he was not given any reward for this report.
