April 18, 2021 By Pierluigi Paganini
Threat actors targeted are exploiting the ProxyLogon vulnerabilities in Microsoft Exchange servers to deploy Monero cryptocurrency miners.
Sophos researchers reported that threat actors targeted Microsoft Exchange by exploiting ProxyLogon vulnerabilities to deploy malicious Monero cryptominer in an unusual attack.
The unknown attacker is attempting to deliver a payload which is being hosted on a compromised Exchange server.