Researchers with Lacework have published new findings on Muhstik, the long-active botnet currently employing several web application exploits to mine cryptocurrency and target Oracle WebLogic and Drupal. The botnet is monetized via XMRig, cgmining and with DDoS attack services.
Lacework researchers note: “Muhstik leverages IRC for its command and control and has consistently used the same infrastructure since its inception. The primary method of propagation for IoT devices is via home routers however there are multiple attempted exploits for Linux server propagation. Targeted routers include GPON home router, DD-WRT router, and the Tomato router… (its activities are) tied to cryptomining and Linux backdoors.
Experts Comments
Dot Your Expert Comments
Only for registered and approved experts. Please register before providing comments. Register here
Linkedin Message
@Saryu Nayyar, CEO, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Internet Relay Chat (IRC) has been largely forgotten in this day of myriad web and application based chat options...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/ceo-perspective-on-muhstik-iot-botnet-infecting-cloud-servers-mining-crypto
Facebook Message
@Saryu Nayyar, CEO, provides expert commentary for "dot your expert comments" at @Information Security Buzz.
"Internet Relay Chat (IRC) has been largely forgotten in this day of myriad web and application based chat options...."
#infosec #cybersecurity #isdots
https://informationsecuritybuzz.com/expert-comments/ceo-perspective-on-muhstik-iot-botnet-infecting-cloud-servers-mining-crypto