{"id":12,"date":"2018-05-03T20:26:37","date_gmt":"2018-05-03T20:26:37","guid":{"rendered":"https:\/\/kasperskycontenthub.com\/threatpost\/?p=131687"},"modified":"2018-05-03T20:26:37","modified_gmt":"2018-05-03T20:26:37","slug":"massminer-takes-a-kitchen-sink-approach-to-cryptomining","status":"publish","type":"post","link":"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/","title":{"rendered":"MassMiner Takes a Kitchen-Sink Approach to Cryptomining"},"content":{"rendered":"<div class=\"media_block\"><\/div>\n<div><img decoding=\"async\" src=\"https:\/\/media.kasperskycontenthub.com\/wp-content\/uploads\/sites\/31\/2017\/12\/06221944\/Monero-e1513895692174.png\" class=\"ff-og-image-inserted\"\/><\/div>\n<p>Though it falls squarely into the trend of cryptominers setting their sights on the Monero virtual currency, the MassMiner malware family is adding its own special somethin\u2019-somethin\u2019 to the mix. It targets Windows servers with a variety of recent and well-known exploits \u2013 all within a single executable.<\/p>\n<p>In fact, MassMiner uses a veritable cornucopia of attacks: The <a href=\"https:\/\/threatpost.com\/eternalblue-exploit-used-in-retefe-banking-trojan-campaign\/128103\/\">EternalBlue<\/a> National Security Agency hacking tool (<a href=\"https:\/\/docs.microsoft.com\/en-us\/security-updates\/securitybulletins\/2017\/ms17-010\">CVE-2017-0143<\/a>), which it uses to install DoublePulsar and the Gh0st RAT backdoor to establish persistence; an exploit for the well-known Apache Struts flaw that led to the Equifax breach (<a href=\"http:\/\/www.oracle.com\/technetwork\/security-advisory\/cpujul2017-3236622.html\">CVE-2017-5638<\/a>); and an exploit for Oracle\u2019s WebLogic Java application server (<a href=\"http:\/\/www.oracle.com\/technetwork\/security-advisory\/cpuoct2017-3236626.html\">CVE-2017-10271<\/a>). It also uses the SQLck tool to gain brute-force access to Microsoft SQL Servers, and it even incorporates a fork of MassScan, a legitimate tool that can scan the internet in under six minutes.<\/p>\n<p>\u201cIt surprised us how many different exploits and hacking tools it leverages,\u201d said AlienVault researchers Chris Doman and Fernando Martinez, who analyzed the code.<\/p>\n<p>They added that the malware family comprises many different versions, but they all spread first within the local network of its initial host, before attempting to propagate across the wider internet.<\/p>\n<p>As for the anatomy of the attack, compromised Microsoft SQL Servers are first subjected to scripts that install MassMiner and disable a number of important security features and anti-virus protections.<\/p>\n<p>Once the malware has been installed, it sets about mining for Monero and hooking up with a crypto-wallet and mining pool; it also connects with its C2 server for updates, and configures itself to infect other machines on the network. Meanwhile, a short VisualBasic script is used to deploy the malware to compromised Apache Struts servers, and it moves laterally by replicating itself like a worm. MassScan meanwhile passes a list of both private and public IP ranges to scan during execution, to find fresh server targets out on the web that it can break into with the SQLck brute-force tool.<\/p>\n<p>So far, the criminals behind the malware have been successful with this kitchen-sink approach: AlienVault in its <a href=\"https:\/\/www.alienvault.com\/blogs\/labs-research\/massminer-malware-targeting-web-servers\">analysis<\/a> identified two Monero wallets belonging to the attackers.<\/p>\n<p>The success is unsurprising, according to Ruchika Mishra, director of products and solutions at Balbix.<\/p>\n<p>\u201cGiven [the workforce skills shortage], it\u2019s not hard to imagine a multi-pronged attack such as MassMiner bypassing security systems and staying under the radar with relative ease,\u201d Mishra said via email. \u201cWith the proliferation of coin-mining attacks in 2017 and 2018, I foresee continued innovation and a significant uptick in complexity as the barrier to entry for attackers lowers and iterations of successful exploits become more readily available on the Dark Web.\u201d<\/p>\n<p>Worryingly, other capabilities in the bad code suggest that MassMiner may have loftier goals than simply cryptomining. On the EternalBlue front, it uses the exploit to drop the <a href=\"https:\/\/threatpost.com\/nsas-doublepulsar-kernel-exploit-in-use-internet-wide\/125165\/\">DoublePulsar<\/a> Windows kernel attack, which is a sophisticated memory-based payload that hooks onto x86 and 64-bit systems and allows an attacker to execute any raw shellcode payload they wish, giving them full control over the system.<\/p>\n<p>MassMiner also uses EternalBlue to install <a href=\"https:\/\/threatpost.com\/eternalblue-exploit-spreading-gh0st-rat-nitol\/126052\/\">Gh0st RAT<\/a>, a trojan backdoor for persistence that has targeted the Windows platform for years. It was once primarily a nation-state tool used in APT espionage attacks against government agencies, activists and other political targets, until the EternalBlue exploit was used to spread it in other contexts last year.<\/p>\n<p>Incidentally, this is not the only cryptomining malware to make use of the ShadowBrokers\u2019 <a href=\"https:\/\/threatpost.com\/shadowbrokers-remain-an-enigma\/127072\/\">release<\/a> of a trove of NSA exploits. Last week, <a href=\"https:\/\/threatpost.com\/pyromine-uses-nsa-exploit-for-monero-mining-and-backdoors\/131472\/\">a malware called PyRoMine<\/a> that uses the EternalRomance tool was found in the wild mining Monero. Like MassMiner, it has far-ranging and concerning capabilities: It sets up a hidden default account on the victimized machine with system administrator privileges, which can be used for re-infection and further attacks.<\/p>\n<p>The multi-pronged approach may be unusual, but it showcases the increasingly complex task that businesses have in front of them when it comes to their security postures.<\/p>\n<p>\u201cThe enterprise attack surface is hyper-dimensional and constantly increasing with hundreds of attack vectors. Enterprises continue to struggle with not just mapping their attack surfaces, but also identifying which systems are easiest to attack and can be used as a launch point for a breach,\u201d said Mishra.<\/p>\n<p>Read More <a href=\"https:\/\/threatpost.com\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/131687\/\">HERE<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>The malware targets Windows servers with a cornucopia of well-known exploits, all within a single executable &#8212; including the EternalBlue NSA hacking tool. Read More HERE&#8230;<\/p>\n","protected":false},"author":1,"featured_media":13,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"colormag_page_layout":"default_layout","footnotes":""},"categories":[3],"tags":[20,21,17,22,23,24,18,25,26,19,27],"class_list":["post-12","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-threatpost","tag-apache-struts","tag-cryptocurrency","tag-cryptography","tag-cryptominer","tag-eternalblue","tag-hacking-tools","tag-hacks","tag-massminer","tag-monero","tag-vulnerabilities","tag-windows-server"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.8 - https:\/\/yoast.com\/product\/yoast-seo-wordpress\/ -->\n<title>MassMiner Takes a Kitchen-Sink Approach to Cryptomining 2026 | ThreatsHub Cybersecurity News<\/title>\n<meta name=\"description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"MassMiner Takes a Kitchen-Sink Approach to Cryptomining 2026 | ThreatsHub Cybersecurity News\" \/>\n<meta property=\"og:description\" content=\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security &amp; Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/\" \/>\n<meta property=\"og:site_name\" content=\"ThreatsHub Cybersecurity News\" \/>\n<meta property=\"article:published_time\" content=\"2018-05-03T20:26:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/massminer-takes-a-kitchen-sink-approach-to-cryptomining.png\" \/>\n\t<meta property=\"og:image:width\" content=\"790\" \/>\n\t<meta property=\"og:image:height\" content=\"593\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"thadmin\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@thadmin\" \/>\n<meta name=\"twitter:site\" content=\"@threatshub\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"thadmin\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/\"},\"author\":{\"name\":\"thadmin\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/b07e00649871a6dd150cd57b33f7db66\"},\"headline\":\"MassMiner Takes a Kitchen-Sink Approach to Cryptomining\",\"datePublished\":\"2018-05-03T20:26:37+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/\"},\"wordCount\":716,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/massminer-takes-a-kitchen-sink-approach-to-cryptomining.png\",\"keywords\":[\"Apache Struts\",\"Cryptocurrency\",\"Cryptography\",\"Cryptominer\",\"EternalBlue\",\"Hacking tools\",\"Hacks\",\"massminer\",\"Monero\",\"Vulnerabilities\",\"Windows server\"],\"articleSection\":[\"Threatpost\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/\",\"name\":\"MassMiner Takes a Kitchen-Sink Approach to Cryptomining 2026 | ThreatsHub Cybersecurity News\",\"isPartOf\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/massminer-takes-a-kitchen-sink-approach-to-cryptomining.png\",\"datePublished\":\"2018-05-03T20:26:37+00:00\",\"description\":\"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/#primaryimage\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/massminer-takes-a-kitchen-sink-approach-to-cryptomining.png\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/massminer-takes-a-kitchen-sink-approach-to-cryptomining.png\",\"width\":790,\"height\":593},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.threatshub.org\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Apache Struts\",\"item\":\"https:\/\/www.threatshub.org\/blog\/tag\/apache-struts\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"MassMiner Takes a Kitchen-Sink Approach to Cryptomining\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#website\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"name\":\"ThreatsHub Cybersecurity News\",\"description\":\"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform\",\"publisher\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\"},\"alternateName\":\"Threatshub.org\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#organization\",\"name\":\"ThreatsHub.org\",\"alternateName\":\"Threatshub.org\",\"url\":\"https:\/\/www.threatshub.org\/blog\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"contentUrl\":\"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg\",\"width\":432,\"height\":435,\"caption\":\"ThreatsHub.org\"},\"image\":{\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/x.com\/threatshub\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/b07e00649871a6dd150cd57b33f7db66\",\"name\":\"thadmin\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/64b2823a5e0933c780cab004122ddae4375b28e7a87014931eaea97478ab540f?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/64b2823a5e0933c780cab004122ddae4375b28e7a87014931eaea97478ab540f?s=96&d=mm&r=g\",\"caption\":\"thadmin\"},\"sameAs\":[\"https:\/\/x.com\/thadmin\"]}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"MassMiner Takes a Kitchen-Sink Approach to Cryptomining 2026 | ThreatsHub Cybersecurity News","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/","og_locale":"en_US","og_type":"article","og_title":"MassMiner Takes a Kitchen-Sink Approach to Cryptomining 2026 | ThreatsHub Cybersecurity News","og_description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","og_url":"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/","og_site_name":"ThreatsHub Cybersecurity News","article_published_time":"2018-05-03T20:26:37+00:00","og_image":[{"width":790,"height":593,"url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/massminer-takes-a-kitchen-sink-approach-to-cryptomining.png","type":"image\/png"}],"author":"thadmin","twitter_card":"summary_large_image","twitter_creator":"@thadmin","twitter_site":"@threatshub","twitter_misc":{"Written by":"thadmin","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/#article","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/"},"author":{"name":"thadmin","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/b07e00649871a6dd150cd57b33f7db66"},"headline":"MassMiner Takes a Kitchen-Sink Approach to Cryptomining","datePublished":"2018-05-03T20:26:37+00:00","mainEntityOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/"},"wordCount":716,"commentCount":0,"publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/massminer-takes-a-kitchen-sink-approach-to-cryptomining.png","keywords":["Apache Struts","Cryptocurrency","Cryptography","Cryptominer","EternalBlue","Hacking tools","Hacks","massminer","Monero","Vulnerabilities","Windows server"],"articleSection":["Threatpost"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/","url":"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/","name":"MassMiner Takes a Kitchen-Sink Approach to Cryptomining 2026 | ThreatsHub Cybersecurity News","isPartOf":{"@id":"https:\/\/www.threatshub.org\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/#primaryimage"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/#primaryimage"},"thumbnailUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/massminer-takes-a-kitchen-sink-approach-to-cryptomining.png","datePublished":"2018-05-03T20:26:37+00:00","description":"ThreatsHub Cybersecurity News | ThreatsHub.org | Cloud Security & Cyber Threats Analysis Hub. 100% Free OSINT Threat Intelligent and Cybersecurity News.","breadcrumb":{"@id":"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/#primaryimage","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/massminer-takes-a-kitchen-sink-approach-to-cryptomining.png","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2018\/05\/massminer-takes-a-kitchen-sink-approach-to-cryptomining.png","width":790,"height":593},{"@type":"BreadcrumbList","@id":"https:\/\/www.threatshub.org\/blog\/massminer-takes-a-kitchen-sink-approach-to-cryptomining\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.threatshub.org\/blog\/"},{"@type":"ListItem","position":2,"name":"Apache Struts","item":"https:\/\/www.threatshub.org\/blog\/tag\/apache-struts\/"},{"@type":"ListItem","position":3,"name":"MassMiner Takes a Kitchen-Sink Approach to Cryptomining"}]},{"@type":"WebSite","@id":"https:\/\/www.threatshub.org\/blog\/#website","url":"https:\/\/www.threatshub.org\/blog\/","name":"ThreatsHub Cybersecurity News","description":"%%focuskw%% Threat Intel \u2013 Threat Intel Services \u2013 CyberIntelligence \u2013 Cyber Threat Intelligence - Threat Intelligence Feeds - Threat Intelligence Reports - CyberSecurity Report \u2013 Cyber Security PDF \u2013 Cybersecurity Trends - Cloud Sandbox \u2013- Threat IntelligencePortal \u2013 Incident Response \u2013 Threat Hunting \u2013 IOC - Yara - Security Operations Center \u2013 SecurityOperation Center \u2013 Security SOC \u2013 SOC Services - Advanced Threat - Threat Detection - TargetedAttack \u2013 APT \u2013 Anti-APT \u2013 Advanced Protection \u2013 Cyber Security Services \u2013 Cybersecurity Services -Threat Intelligence Platform","publisher":{"@id":"https:\/\/www.threatshub.org\/blog\/#organization"},"alternateName":"Threatshub.org","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.threatshub.org\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.threatshub.org\/blog\/#organization","name":"ThreatsHub.org","alternateName":"Threatshub.org","url":"https:\/\/www.threatshub.org\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","contentUrl":"https:\/\/www.threatshub.org\/blog\/coredata\/uploads\/2025\/05\/Threatshub_Favicon1.jpg","width":432,"height":435,"caption":"ThreatsHub.org"},"image":{"@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/x.com\/threatshub"]},{"@type":"Person","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/b07e00649871a6dd150cd57b33f7db66","name":"thadmin","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.threatshub.org\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/64b2823a5e0933c780cab004122ddae4375b28e7a87014931eaea97478ab540f?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/64b2823a5e0933c780cab004122ddae4375b28e7a87014931eaea97478ab540f?s=96&d=mm&r=g","caption":"thadmin"},"sameAs":["https:\/\/x.com\/thadmin"]}]}},"_links":{"self":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/12","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/comments?post=12"}],"version-history":[{"count":0,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/posts\/12\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media\/13"}],"wp:attachment":[{"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/media?parent=12"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/categories?post=12"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.threatshub.org\/blog\/wp-json\/wp\/v2\/tags?post=12"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}