Unit 42 researchers uncover a revised version of the same cloud-targeted cryptojacking malware, which now includes new and improved rootkit and worm capabilities. They detail the hiding techniques used by the malware to dodge cybersecurity companies detection methods. Pro-Ocean uses known vulnerabilities to target cloud applications including Apache ActiveMQ, Oracle WebLogic and Redis. The malware is written in Go and compiled to an x64 architecture binary. It contains four modules that deploy during execution — hiding, mining, infecting and watchdog.”]
Source: https://unit42.paloaltonetworks.com/pro-ocean-rocke-groups-new-cryptojacking-malware/

