A newly discovered and self-spreading Golang-based malware has been actively dropping XMRig cryptocurrency miners on Windows and Linux servers since early December. The multi-platform malware also has worm capabilities that allow it to spread to other systems by brute-forcing public-facing services (i.e., MySql, Tomcat, Jenkins and WebLogic) with weak passwords as revealed by Intezer security researcher Avigayil Mechtinger. The attackers behind this campaign have been actively updating the worm’s capabilities through its command-and-control (C2) server since it was first spotted.
Source: https://www.bleepingcomputer.com/news/security/new-worm-turns-windows-linux-servers-into-monero-miners/