An old vulnerability in Microsoft Corp.’s Internet Information Services 6.0 platform is once again being targeted in a cryptomining attack, but this time around, the cryptocurrency being mined is different.
The vulnerability, CVE-2017-7269, revealed in March 2017, is a buffer overflow vulnerability that is believed to affect as many as 8 million sites still running IIS 6.0, the web server software bundled with Windows Server 2003 that Microsoft stopped supporting in 2015.
The first known cryptocurrency-related attack exploiting the vulnerability occurred in November. Hackers reportedly created a botnet of several hundred infected servers to mine for Monero, but in the new attack, they’re apparently mining Electroneum, an obscure cryptocurrency that has a focus on mobile devices.
Discovered by F5 Networks Inc. and revealed today, the new campaign targets IIS 6.0 servers with a form of malware called lsass.eXe, using a technique dubbed “Squiblydoo” to download the malware to a targeted server and then execute it.
Once the malware is executed, targeted servers are used to mine Electroneum via several mining pools, with funds going to one specific wallet. The attacks are said to be targeting servers in both the U.S. and China, with the malware being distributed from a server in Beijing on China Unicom’s network.
“This new campaign shows that there are still systems vulnerable to this year-old vulnerability on an operating system that was declared End-of-Life three years ago,” a spokesperson for F5 Networks told SiliconANGLE.
Despite dropping support for Server 2003 and IIS 6.0, Microsoft nonetheless released a patch for the vulnerability in June 2017. That means anyone still using the server software, for whatever reason, really has no excuse not to have guarded against hacking campaigns such as this one.