
This new Linux malware is targeting some major victims — Docker, Apache Hadoop, Redis and Confluence all under attack

Techradar · 8m

Hackers are targeting misconfigured servers running Docker, Confluence, and other services to install cryptocurrency miners. Researchers have discovered a malware campaign that uses various payloads to exploit vulnerable servers, including those running Apache Hadoop YARN, Docker, Confluence, and Redis. The attackers take advantage of an unauthenticated, remote OGNL injection vulnerability to execute code and gain access. The malware drops a cryptocurrency miner, spawns a reverse shell, and maintains persistent access to compromised hosts. The specific threat actor behind the campaign has not been identified, but the shell script payloads resemble those used by TeamTNT and WatchDog.
