Threat actors were found exploiting poorly secured Oracle WebLogic servers for mining cryptocurrency, building a DDoS botnet, and other malicious activities.
The Discovery
Researchers from Aqua Cybersecurity found various attacks in the wild and decided to catch culprits by running a honeypot (a cybersecurity technique that creates a decoy system to trick and trap threat actors). Soon after, the experts found a threat actor breaking through weak passwords, and installing a malware called “Hadooken.”
The malware was used in a few other attacks in recent times, and it has two primary functions- a DDoS botnet and cryptocurrency mining. Besides this, the malware gives threat actors complete control over the compromised endpoint.
About Hadooken Malware
Oracle WebLogic is a Java-based application that allows the management, development, and deployment of enterprise-level apps. It is generally used in financial and banking services, telecommunications, public services, and government organizations. Because of its popularity, WebLogic has also
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents
Read the original article: