Electroneum Joins The Cryptojacking Party: Hackers Exploit IIS 6.0

Researchers from F5 labs found hackers exploiting servers running IIS 6.0 to mine Electroneum, a cryptocurrency not commonly associated with cryptojacking.

Miguel Gomez,
2 hrs ago


Corporate environments that run on the Windows OS are having another bad day as hackers are now exploiting Internet Information Services 6.0 servers to mine Electroneum.

The vulnerability allows hackers to target a server and execute code on it from a remote location, which effectively gives them enough control to download whatever they want and run it.

“F5 researchers recently noticed a new campaign exploiting a vulnerability in Microsoft Internet Information Services 6.0 servers in order to mine Electroneum cryptocurrency,” the Chinese research group that discovered the incidents wrote.

It’s probably important to note that IIS 6.0 comes with Microsoft Windows Server 2003, a version that was released together with Windows XP. Both of these operating systems have no longer been supported by Microsoft with updates for the last 3 years.

The company made an exception to this and released a patch at the end of March last year when it discovered that many corporate systems still run this older version of the software.

However, system operators using such old software might neglect to keep it up to date in the first place.

It’s rather interesting that these hackers in particular choose to mine Electroneum instead of Monero, a cryptocurrency of choice for many others wishing to engage in cryptojacking.

Just a few months ago, using servers to mine Monero was all the rage, with hackers making $3 million alone off of vulnerable machines running the Jenkins Java framework.

A few weeks before that, hackers were making $5,500 per day off of a botnet that mined Monero from 500,000 computers.

With a market capitalization of over $3 billion and $191.29 in value as of the time this is published, Monero continues to be a highly-profitable cryptocurrency.

Perhaps Electroneum’s small value (barely $0.02) is attracting these hackers with the premise that its price might increase significantly over time. For them in particular, the risk-reward ratio is not something they often need to take into account since they are using computer resources that don’t belong to them.