September 13, 2024 at 01:11PM Hackers are focusing on Oracle WebLogic servers to inject them with a new Linux malware called “Hadooken.” This malware initiates a cryptominer and a tool for distributed denial-of-service (DDoS) attacks. Based on the meeting notes, it is evident that there is a significant security concern related to hackers targeting Oracle … Read more
September 13, 2024 at 08:03AM A new Linux malware named Hadooken targets Oracle WebLogic servers to install additional malware and extract credentials. It is deployed through attacks exploiting weak passwords, then downloads shell and Python scripts to ensure successful execution. Hadooken drops a cryptominer and Tsunami malware, and creates cronjobs for persistence. Other ransomware families’ … Read more
June 25, 2024 at 06:08AM P2PInfect, initially a dormant malware botnet, has become active, deploying ransomware and a cryptominer on Redis servers. Cado Security reports conflicting evidence about its motives and identifies new features such as cron-based persistence mechanisms and SSH lockout. The malware also targets 32-bit MIPS processors. It now poses a genuine threat … Read more
October 26, 2023 at 09:31AM Researchers at Kaspersky have discovered that a malware called StripedFly, initially thought to be a basic cryptominer, is actually a sophisticated spy platform infecting over 1 million victims. The malware allows attackers to gain control over networks, exfiltrate data, and mine cryptocurrency. It includes a Tor network tunnel and uses … Read more