The Rocke group is using a new piece of cryptojacking malware dubbed Pro-Ocean to target vulnerable Apache ActiveMQ, Oracle WebLogic, and Redis installs. Malware is an evolution of a Monero cryptocurrency miner that was first spotted by Unit 42 researchers in 2019. The malware is specifically designed to target cloud applications, among its targets there are Alibaba Cloud and Tencent Cloud. Researchers believe threat actors could expand the list of vulnerabilities to target the larger number of cloud applications as possible.”]
Source: https://securityaffairs.co/wordpress/114005/malware/pro-ocean-miner.html