Last week, news broke that an unsophisticated Linux-based botnet dubbed DemonBot is targeting exposed cloud servers using a vulnerability in Hadoop’s resource management tool to infect cloud servers with the botnet malware.
Gavin Millard, VP of Intelligence at Product Marketing at Tenable
“This isn’t the first time the YARN exploit has been used. Back in September 2018, Palo Alto networks reported that attackers were utilising it as part of several exploits to implant the Xbash malware onto systems.
“The issue for organisations is that, should they be infected, resources will be diverted from the organisations tasks instead performing the botnets exploit attempts. This at least will result in a degradation of service, causing systems to run slower and may even cause outages.
“Mass exploitation of flaws in this manner, point to basic cyber hygiene issues. Easily exploitable issues such as these should be identified and addressed in a timely manner, especially when the assets affected are accessible over the internet.”
