A new financial motivated operation dubbed LABRAT has been observed weaponizing a now-patched critical flaw in GitLab as part of a cryptojacking and proxyjacking campaign.
Proxyjacking allows an attacker to rent out a compromised host out to a proxy network, making it possible to monetize the unused bandwidth.
Cryptojacking, on the other hand, refers to the abuse of the system resources to mine cryptocurrency.
During the LABrAT operation, TryCloudflare was used to redirect connections to a password-protected web server that hosted a malicious shell script, Miguel Hernández said.
The vulnerability has been patched since 2021 and the impact is on customers who remain on vulnerable versionsOf GitLab.
👋 Feeling the vibes?
Keep the good energy going by checking out my Amazon affiliate link for some cool finds! 🛍️
If not, consider contributing to my caffeine supply at Buy Me a Coffee ☕️.
Your clicks = cosmic support for more awesome content! 🚀🌈
Leave a Reply