#SeleniumGreed

Misconfigured Selenium Grid servers abused for Monero mining

by

July 29, 2024 at 02:09AM Threat actors exploit a misconfiguration in Selenium Grid to deploy XMRig for mining Monero. With over 100 million pulls on Docker Hub, the open-source framework allows testing across various environments. Wiz researchers discovered a year-long “SeleniumGreed” attack due to Selenium Grid’s lack of default authentication. Attackers gain remote access via … Read more

Ongoing Cyberattack Targets Exposed Selenium Grid Services for Crypto Mining

by

July 26, 2024 at 02:30AM Cybersecurity researchers have identified an ongoing campaign known as SeleniumGreed, targeting internet-exposed Selenium Grid services for illicit cryptocurrency mining. With the potential for remote command execution, Cloud security Wiz urges proper protection measures, as misconfigured instances pose significant security risks. The threat actor’s identity remains unknown, emphasizing the need for … Read more