#ApacheRocketMQ

Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks

June 6, 2024 by Xynik

June 6, 2024 at 10:24AM The Muhstik botnet, known for targeting IoT devices and Linux servers, has exploited a security flaw in Apache RocketMQ to expand its scale. It leverages vulnerabilities to execute remote code, persist on hosts, and evade detection, aiming to launch DDoS attacks and engage in cryptomining activities. Organizations are urged to … Read more

Hackers target Apache RocketMQ servers vulnerable to RCE attacks

January 5, 2024 by Xynik

January 5, 2024 at 12:38PM Security researchers have identified critical vulnerabilities, CVE-2023-33246 and CVE-2023-37582, in Apache RocketMQ. Despite an initial patch, these vulnerabilities remain active, impacting the NameServer component in RocketMQ version 5.1 and older. Attackers can exploit these flaws to execute commands and should upgrade to version 5.1.2/4.9.7 or higher to prevent attacks. ShadowServer … Read more