Ethical Hacking News Hubb
Advertisement Banner
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact
No Result
View All Result
Wellnessnewshubb
No Result
View All Result
Home Ethical Hackers

New Golang-Based Malware Breaches Web Servers Via Brute-Force Attacks

admin by admin
March 14, 2023
in Ethical Hackers


Mar 14, 2023Ravie LakshmananNetwork Security / Botnet

A new Golang-based malware dubbed GoBruteforcer has been found targeting web servers running phpMyAdmin, MySQL, FTP, and Postgres to corral the devices into a botnet.

“GoBruteforcer chose a Classless Inter-Domain Routing (CIDR) block for scanning the network during the attack, and it targeted all IP addresses within that CIDR range,” Palo Alto Networks Unit 42 researchers said.

“The threat actor chose CIDR block scanning as a way to get access to a wide range of target hosts on different IPs within a network instead of using a single IP address as a target.”

The malware is mainly designed to single out Unix-like platforms running x86, x64 and ARM architectures, with GoBruteforcer attempting to obtain access via a brute-force attack using a list of credentials hard-coded into the binary.

GoBruteforcer

If the attack proves to be successful, an internet relay chat (IRC) bot is deployed on the victim server to establish communications with an actor-controlled server.

GoBruteforcer also leverages a PHP web shell already installed in the victim server to glean more details about the targeted network.

WEBINAR

Discover the Hidden Dangers of Third-Party SaaS Apps

Are you aware of the risks associated with third-party app access to your company’s SaaS apps? Join our webinar to learn about the types of permissions being granted and how to minimize risk.

RESERVE YOUR SEAT

That said, the exact initial intrusion vector used to deliver both GoBruteforcer and the PHP web shell is undetermined as yet. Artifacts collected by the cybersecurity company suggest active development efforts to evolve its tactics and evade detection.

The findings are yet another indication of how threat actors are increasingly adopting Golang to develop cross-platform malware. What’s more, GoBruteforcer’s multi-scan capability enables it to breach a broad set of targets, making it a potent threat.

“Web servers have always been a lucrative target for threat actors,” Unit 42 said. “Weak passwords could lead to serious threats as web servers are an indispensable part of an organization. Malware like GoBruteforcer takes advantage of weak (or default) passwords.”

Found this article interesting? Follow us on Twitter  and LinkedIn to read more exclusive content we post.





Source link

Tags: computer securitycyber attackscyber newscyber security newscyber security news todaycyber security updatescyber updatesdata breachhacker newshacking newshow to hackinformation securitynetwork securityransomware malwaresoftware vulnerabilitythe hacker news
Previous Post

A GraphQL Enumeration And Extraction Tool

Next Post

VPN을 이용해 MLB.tv 블랙아웃 해결하는 방법

Next Post

VPN을 이용해 MLB.tv 블랙아웃 해결하는 방법

Recommended

悪魔の双子攻撃とは?

3 months ago

Trojanized Windows 10 Installer Used in Cyberattacks Against Ukrainian Government Entities

3 months ago

© 2022 Ethical Hacking News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy and Terms & Conditions.

Navigate Site

  • Home
  • News
  • Ethical Hackers
  • Contact

Newsletter Sign Up.

No Result
View All Result
  • Home
  • News
  • Ethical Hackers
  • Contact

© 2022 Ethical Hacking News Hubb All rights reserved.