Crypto Mining and DDoS Threats: How Hadooken Malware Targets Oracle Web Logic Servers

Crypto Mining and DDoS Threats: How Hadooken Malware Targets Oracle Web Logic Servers

Threat actors were found exploiting poorly secured Oracle WebLogic servers for mining cryptocurrency, building a DDoS botnet, and other malicious activities. 

The Discovery

Researchers from Aqua Cybersecurity found various attacks in the wild and decided to catch culprits by running a honeypot (a cybersecurity technique that creates a decoy system to trick and trap threat actors). Soon after, the experts found a threat actor breaking through weak passwords, and installing a malware called “Hadooken.”
The malware was used in a few other attacks in recent times, and it has two primary functions- a DDoS botnet and cryptocurrency mining. Besides this, the malware gives threat actors complete control over the compromised endpoint. 

About Hadooken Malware

Oracle WebLogic is a Java-based application that allows the management, development, and deployment of enterprise-level apps. It is generally used in financial and banking services, telecommunications, public services, and government organizations. Because of its popularity, WebLogic has also

[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article: