Some cyber crooks scan the Web for unsecured servers that they can exploit in various ways. This is the case with the creators of the Kinsing malware, a Trojan miner designed to target servers that are not secured properly. Malware analysts have spotted countless Docker servers whose operators have failed to secure them: the login credentials used were the default ones. In other cases, the servers in question were not protected by a password at all. Such servers are ripe for the taking by various cybercriminals. The cyber crooks who launched the Kinsing campaign were scanning for exactly these unsecured or poorly secured Docker servers.
Cybersecurity researchers first spotted the Kinsing Trojan in 2019, and the operators of the campaign are still active. The number of infected hosts has been slowly increasing ever since. The Kinsing Trojan miner is planted on every vulnerable Docker server that the attackers detect.
The goal of the attackers is to mine cryptocurrency using the computing power of the compromised servers. The Kinsing miner is designed to mine the Monero cryptocurrency. However, the Kinsing Trojan has other features too. It is able to free up hardware resources on the host so that the campaign's mining output increases. It does so by spotting other cryptocurrency miners, which may compete for the host's resources, and removing them. The Kinsing threat also halts a wide variety of services that are not deemed essential. This cunning threat is also able to detect and collect SSH login credentials, which can be used to hijack other servers that may be connected to the same network as the patient-zero server.
The Kinsing Trojan miner is very potent and can be modified easily to add more features, which will make it an even more harmful threat. Server administrators need to be very careful when securing their servers. Cybercriminals are always looking for vulnerable servers, so online security is crucial.