Silent Intrusions: Godzilla Fileless Backdoors Targeting Atlassian Confluence

August 30, 2024 at 05:13AM

Trend Micro researchers discovered an attack exploiting the CVE-2023-22527 vulnerability in older Atlassian Confluence versions, deploying an in-memory fileless backdoor called Godzilla webshell. The backdoor, developed by “BeichenDream,” evades detection with AES encryption and remains in-memory. The attack highlights the importance of regularly patching servers and using advanced security solutions. …

Apache ActiveMQ Flaw Exploited in New Godzilla Web Shell Attacks

January 21, 2024 at 11:03PM

Cybersecurity researchers have observed an increase in threat actor activity exploiting a vulnerability in Apache ActiveMQ by delivering the Godzilla web shell. The web shells are concealed within an unknown binary format to evade security measures. This vulnerability has been actively exploited to deploy ransomware, rootkits, cryptocurrency miners, and DDoS …