In yet another display of their professional prowess, hackers have decided to solve the age-old problem of ‘How does one mine for crypto without paying for electricity?’ Answering it with a masterful stroke of ingenuity, they’ve started using Apache HTTP servers. Because, why not?

This time, they exploited a perfectly innocent vulnerability – CVE-2021-41773 – in Apache HTTP Server version 2.4.49, targeting the servers as unsuspecting cryptocurrency miners. This is a path traversal vulnerability, which is, as everyone knows, just hacker speak for ‘taking a scenic route through someone else’s system.’ The exploit lets hackers execute remote code, an activity as harmless as leaving your keys with an invisible, masked stranger. What could possibly go wrong?

In the end, the effort was a smashing success for the hackers. And by ‘smashing success,’ we mean that servers are now humming away as digital pickaxes, diligently working to fill the hackers’ wallets with virtual coins. Expect server admins to be scratching their heads, wondering why their systems are suddenly more profitable than their actual business.