MySQL Servers, Docker Hosts Infected With DDoS Malware

November 14, 2023 at 11:39AM Researchers from AhnLab Security Emergency Response Center have warned that attackers are targeting MySQL servers and Docker hosts to infect them with malware capable of launching distributed denial-of-service (DDoS) attacks. The malware, known as Ddostf, is a DDoS-capable botnet of Chinese origin. Attackers scan for vulnerable MySQL servers and upload …

Alert: OracleIV DDoS Botnet Targets Public Docker Engine APIs to Hijack Containers

November 14, 2023 at 07:33AM Threat actors are targeting publicly accessible Docker Engine API instances to create a DDoS botnet called OracleIV. Attackers exploit the misconfiguration to install a malicious Docker container, which contains Python malware. The container also retrieves a shell script from a command-and-control (C&C) server. Cloud security firm Cado observed no evidence of …