TrendMicro honeypot sensors recently detected an AESDDoS botnet malware variant (detected by Trend Micro as Backdoor.Linux.AESDDOS.J) exploiting a server-side template injection vulnerability (CVE-2019-3396) in the Widget Connector macro in Atlassian Confluence Server, a collaboration software program used by DevOps professionals. TrendMicro discovered that this malware variant can perform DDoS attacks, remote code execution, and cryptocurrency mining on systems that run vulnerable versions of Confluence Server and Data Center. Atlassian already took steps to fix these issues and recommended that users upgrade to the latest version (6.15.1).

REFERENCE:
https://blog.trendmicro.com/trendlabs-security-intelligence/aesddos-botnet-malware-exploits-cve-2019-3396-to-perform-remote-code-execution-ddos-attacks-and-cryptocurrency-mining/