Prometei botnet is hunting for unpatched Microsoft Exchange servers

Cyber criminals are trying to use vulnerabilities in Microsoft Exchange servers to add to their botnet for mining cryptocurrency – but the level of access they’re gaining means they could use their access for other, much more dangerous cyberattacks.

Detailed by cybersecurity researchers at Cybereason, the Prometei botnet is a widespread global campaign that is targeting organisations in a multi-stage attack.

The cyber criminals behind the botnet are exploiting vulnerabilities in Microsoft Exchange Server as a means of penetrating networks. There are existing security updates, which can be installed in order to protect against attacks, but Prometei is scanning the internet for organisations that have yet to apply the patch and using that to gain a foothold on networks.

Read more…
Source: ZDNet