The country’s prime minister Scott Morrison reported that last month governmental and private entities of Australia suffered from the activity of cyber criminals, and such attacks were becoming more often.
Australian institutions is being targeted by hackers.
Australian Cyber Security Centre (ACSC) has published a detailed report on attacks describing them as “most powerful and well-coordinated cyber targeting against Australian institutions ever seen by the Government”.
According to ACSC, criminals used several initial access factors. The most frequent way is through vulnerabilities of a remote execution of code in non-patched Telerik UI versions. Although Telerik UI accelerates the process of web-dosigning, and it is vulnerable to CVE-2019-18935. This is what is used by hackers for attacking systems.
In the past the vulnerability was actuvely used by fraudsters for installing malware software. This May a hacking group known as Blue Mockingbird took this opportunity to infect thousands of systems and install XMRig, a popular tool for mining Monero.