MinIO is a high-performance and distributed object storage system used by various organizations.
- As part of the attack, the attackers use social engineering to convince a DevOps engineer to update the MinIO software to a vulnerable version that is affected by two vulnerabilities.
- Upon launching the application, attackers exploit the flaws to add a backdoor that allows them to conduct remote code execution attacks on victims’ systems.
Furthermore, researchers note that the backdoor continues to show zero detections on the VirusTotal scanning platform.
- The flaws under attack are two high-severity issues impacting all MinIO versions before RELEASE.2023-03-20T20-16-18Z.
- Researchers have found over 50,000 MinIO installations exposed online, which indicates that attackers can exploit these flaws to gain access to sensitive information stored on compromised installations and launch remote code execution attacks.
- The exploits can be used effectively against both Linux and Windows environments using specific downloader scripts.
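
An added example, not from the original article or the MinIO project: a version audit built on the cutoff stated above, which flags any instance whose release tag predates RELEASE.2023-03-20T20-16-18Z and refuses to treat an unreadable version as safe. The function names are hypothetical, and the host names and version strings in the sample inventory are constructed.

```python
import re
from datetime import datetime, timezone

# Cutoff from the text above: every release before this tag is affected.
FIXED_TAG = "RELEASE.2023-03-20T20-16-18Z"

# MinIO release tags embed a UTC build timestamp: RELEASE.YYYY-MM-DDTHH-MM-SSZ
TAG_RE = re.compile(r"RELEASE\.(\d{4}-\d{2}-\d{2}T\d{2}-\d{2}-\d{2})Z")


def release_time(text):
    """Return the UTC timestamp of the first release tag in text, or None."""
    match = TAG_RE.search(text)
    if not match:
        return None
    try:
        parsed = datetime.strptime(match.group(1), "%Y-%m-%dT%H-%M-%S")
    except ValueError:  # right shape, but not a real date or time
        return None
    return parsed.replace(tzinfo=timezone.utc)


def classify(version_text):
    """Classify a version string as 'vulnerable', 'not_affected' or 'unknown'."""
    found = release_time(version_text)
    if found is None:
        return "unknown"  # an unparseable version needs a manual check
    return "vulnerable" if found < release_time(FIXED_TAG) else "not_affected"


def audit(inventory):
    """Map host -> status for every (host, version string) pair."""
    return {host: classify(version) for host, version in inventory}


# Constructed sample inventory (assumption): hosts and tags are illustrative only.
SAMPLE_INVENTORY = [
    ("minio-a.example.internal", "minio version RELEASE.2022-01-01T00-00-00Z"),
    ("minio-b.example.internal", "RELEASE.2023-03-20T20-16-18Z"),
    ("minio-c.example.internal", "minio version RELEASE.2024-01-01T00-00-00Z"),
    ("minio-d.example.internal", "RELEASE.2023-13-40T00-00-00Z"),  # invalid date
    ("minio-e.example.internal", "latest"),  # floating image tag, no release
]

if __name__ == "__main__":
    for host, status in audit(SAMPLE_INVENTORY).items():
        print(f"{host}: {status}")
```

Because the attack described here depends on moving an instance to an affected release, rerunning the audit after every MinIO update shows when a host that was `not_affected` becomes `vulnerable`.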