Operation Prowli Profits On Weak IoT Devices, Servers | Threatpost | The first stop for security news
A malicious campaign has compromised more than 40,000 machines globally, carrying out traffic-hijacking and cryptomining.
Researchers at Guardicore Labs, who called the campaign Operation Prowli, said it targets a variety of platforms – including Drupal CMS websites, WordPress sites, backup servers running HP Data Protector, DSL modems and vulnerable IoT devices.
“Victim machines are monetized using a variety of methods, relying on internet trends such as digital currencies and traffic redirection,” Gaurdicore Labs said in a post about the campaign, on Wednesday. “Traffic monetization frauds are quite common and are based on redirecting website visitors from their legitimate destination to websites advertising malicious browser extensions, tech support scam services, fake services and more.”