Pro-Ocean Cryptojacking: The New improved rootkit with worm capabilities

What Is Pro-Ocean Malware ?

Pro-Ocean Malware is a new strain of Cryptojacking trojan that mostly targets Apache, WebLogic, Redis, Oracle servers. Pro-Ocean malware is the latest malware targeting vulnerabilities lately in the Wild. It is replica of its existing strain and is crafted with self spreading properties. This makes it most dangerous to make system compromised by exploiting the vulnerabilities of the devices.

This should be taken as concern that in the beginning of the new year, Pro-Ocean malware has emerged but some of the research has been following the Pro-Ocean malware threat since it was discovered back in 2019. Hence the malware has updated its threat functioning as well as its avoidance ability. Pro-Ocean malware is recent and has been observed by its savage behavior and appears like the worm which starts affecting it from the least. This malware is the part of the criminal gang of hackers called Rocke Group. Their main motive is to target the cloud application by utilizing known vulnerabilities such as Oracle WebLogic (CVE-2017-10271), Apache ActiveMQ (CVE-2016-3088), Redis servers. These servers have been hijacked and been used for crypto-mining.

It is know of targeting and compromising cloud computing applications which are unpatched software and network owing to the fact that hackers have improvised this variant and is presented as new and improved rootkit and worm.

Once it is installed in the computer it activates and starts modifying nature for its better kind. Firstly, it wants to get rid of potential competition for materials by removing other crypto-mining malware of its character like – XMRig,Hashfish and Luoxk. This malware wants some space to deploy its own XMRig payloads that uses the CPU to avail and maximum and begins to operate Monero coins immediately. the component of Pro-Ocean is a root-kit module. As its name recommends, its task is to deploy a rootkit threat. Moreover , the hackers of the Rocke Group have now added some new stealth possibilities to make the threatening activity of the threat.

Pro-Ocean latest version consists of four different components. Two of them have remained untouched in large numbers – the crypto mining strain are responsible for running the XMRing payload and the Watchdog module provide with two bash content tasked with searching for CPU- largely processes which make certain that the malware is running on its own. The other two components, moreover display some new abilities that makes it really difficult to get detected owing to its rootkit evasive features.

Related Articles


Please enter your comment!
Please enter your name here

Stay Connected


Latest Articles