Attackers who exploit this vulnerability can secretly enter systems and insert Monero mining malware and other malicious software. This brings risks such as theft of users’ data, secret mining of cryptocurrency, and misuse of system resources.

Based on a report by cybersecurity firm AhnLab, BleepingComputer announced that attackers used a vulnerability in HFS versions 2.3m and earlier to gain remote access to the system and insert various malware. The existence of this vulnerability allows sending commands and full control to the system without requiring any authentication.

AhnLab also found that attackers went beyond just simple system takeover, placing Monero mining software called XMRig and remote access trojans (RATs) such as XenoRAT and Gh0stRAT on devices. Although the scope of these attacks and the amount of Monero mined are not yet clear, users need to act seriously about this issue.

After confirming the vulnerability, Rejetto issued a warning stating that versions 2.3m through 2.4 are “dangerous and should no longer be used.” This warning is critical for users’ safety.

Monero is known as a cryptocurrency with high privacy features. This feature makes it difficult for criminals to track Monero transactions. This feature lies behind why attackers prefer Monero mining software such as XMRig.

XMRig can run on various devices thanks to its efficient and flexible structure. Being open source allows the program to be easily modified. Additionally, XMRig runs discreetly in the background, minimizing the risk of detection. This makes it difficult for users to understand what is happening on their systems.

So, how can you protect yourself against such attacks? Here are some steps you can take:

Keep Your Software Updated: Rejetto has released an update to fix the problem. If you are using HFS, it is critical that you upgrade to the latest version. Updates usually close security vulnerabilities and make your system more secure.

Use Strong Passwords: Use strong and unique passwords to prevent remote access. Change your passwords regularly and do not share them with anyone.

Use a Firewall: A firewall protects your system from unauthorized access by filtering incoming and outgoing traffic.

Scan Regularly: Detect potential threats by regularly scanning your system with security software. These software can detect and remove viruses, malware, and other harmful software from your system.

Watch Out for Suspicious Activity: If you notice anything unusual on your system, such as slowing down, freezing, or running unknown applications, consult a security professional. These symptoms may indicate that your system is under threat.

Using outdated software can leave you vulnerable to cyber attacks. Therefore, do not delay updates, especially of software with detected security vulnerabilities. If you are using Rejetto HTTP File Server, it is recommended that you upgrade to the latest version and protect your system by taking the security measures mentioned above.