Researchers at F5 Labs, the threat intelligence arm of F5 Networks, have uncovered a new malware campaign dubbed CryptoSink used deploy an XRM (Monero) mining operation. The campaign exploits a five-year-old vulnerability (CVE-2014-3120) in Elasticsearch systems running on Windows and Linux. It uses previously unseen methods to kill competing crypto-miners on the infected machine and to persist on the server (by replacing the Linux remove command)”]
Source: https://informationsecuritybuzz.com/news/f5-discovers-cryptosink-monero-mining-campaign/