Microsoft Exchange Servers Targeted By Prometei Botnet To Mine Cryptocurrency

Prometei botnet is targeting unpatched Microsoft Exchange servers to add them into their Monero crypto mining group. The malware has been known since 2016, but has been updated with backdoor capabilities with support for an extensive array of commands, including downloading and executing files, searching for files on infected systems, and executing programs or commands on behalf of the attackers. Threat actors behind the botnet are unknown, however, the name and the code suggests they speak Russian. Read more...