06-08-2018, 02:12 PM
A new malware, dubbed "Operation Prowli" has been found targeting servers, routers and other devices around the world, this malware uses various attack techniques to breach its intended systems, including the utilization of exploits, password brute-forcing, and abuse of weak configurations.
This new malware is a botnet, and was discovered by researchers at the "GuadiCore" security team. Prowli has already hit 40,000 victim machines from over 9,000 businesses in a various sectors.
The list of infected services and machines are as follows:
---Sh7nk-Z0id
This new malware is a botnet, and was discovered by researchers at the "GuadiCore" security team. Prowli has already hit 40,000 victim machines from over 9,000 businesses in a various sectors.
The list of infected services and machines are as follows:
- Drupal and WordPress CMS servers hosting popular websites
- Joomla! servers running the K2 extension
- Backup serves running HP Data Protection software
- DSL modems
- Servers with an open SSH port
- PhpMyAdmin installations
- NFS boxes
- Servers with exposed SMB ports
- Vulnerable Internet-of-Things (LoT) devices
---Sh7nk-Z0id