Trend Micro uncovered a new crypto mining campaign targeting Linux servers that exploit the CVE-2013-2618 flaw in Cactis Network Weathermap plug-in, which system administrators use to visualize network activity. Most of the Linux servers were located in Japan (12%), China (10%), Taiwan (10%) and the US (9%) Trend Micro recommends keeping internal to the environment data from the tool and also keeping systems updated with the latest patches. Hackers downloaded and installed a customized version of XMRig, a legitimate Monero mining software (dada.x86_64)”]
Source: http://securityaffairs.co/wordpress/70622/hacking/linux-servers-cryptomining.html