“…It’s important to note that vulnerabilities that affect CMS frameworks – like Drupalgeddon 2.0 – are particularly concerning because the systems make up a significant portion of the internet and are prime candidates for botnet herding…Botnets, as history has shown us, are a fundamental tactic used by bad actors for criminal activity and a main profit driver for the cyber-crime underground – as they can be used for cryptomining, spam, identity theft, phishing, financial fraud, DDoS and more. So, even though the Kitty malware is simply lining bad actors’ pockets with cryptocoins at the moment, we should expect to see new variants of malware that exploit Drupalgeddon 2.0 to execute further attacks as well.”

Read more here.