An aggressive and sophisticated malware campaign is targeting Linux and Windows servers with an assortment of exploits. Hackers are using the same exploit used for the Equifax hack. The campaign was detected by security researchers from F5 Networks, who named it Zealot, after zealot.zip, one of the files dropped on targeted servers. Many of the terms and file names used for this campaign are taken from StarCraft, such as Zealot and Observer. The group could have used more Monero wallets, meaning the total sum could be higher.
Source: https://www.bleepingcomputer.com/news/security/-zealot-campaign-uses-nsa-exploits-to-mine-monero-on-windows-and-linux-servers/

