Kerberods

Kerberods Description

A vulnerability that is explored by hackers, the CVE-2018-1000861 vulnerability, is allowing the con artists to introduce a malware threat named Kerberods, which installs a miner that targets the Monero cryptocurrency exclusively. This vulnerability that was disclosed by Jenkins developers in December 2018 affects the Stapler HTTP request handling engine, which Jenkins use on its automation server for open source software development. The developers also informed that a patch for the vulnerability was created and available to the public. To have persistence, the Kerberods malware creates a cron job if it doesn't get root permissions. However, if the Kerberods malware obtains root permissions, it delivers a payload that carries a library on the machine's operating system, which will act like a rootkit. After these steps, the Kerberods malware will be ready to start mining Monero illicitly and sending it to its controllers.

The Kerberods malware has the capacity of self-replicate every ten minutes by installing a cron on the infected machine. The Kerberods malware also is configured to disable any other cryptocurrency miners it there any on the infected machine. However, like the countless malware threats present on the Internet nowadays, the Kerberods malware can be detected and removed by a fully updated anti-malware tool. Also, do not forget that by using strong security measures and applying all available patches, therefore keeping your software always updated, you can avoid infections like the Kerberods malware.