• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Microsoft Identifies Botnet Variant Targeting Windows and Linux Systems

You are here: Home / General Cyber Security News / Microsoft Identifies Botnet Variant Targeting Windows and Linux Systems
May 16, 2022

Microsoft has warned it has identified a new variant of the Sysrv botnet, which deploys coin miners on both of those Windows and Linux methods.

In a thread posted on the Microsoft Security Intelligence (@MsftSecIntel) Twitter account, the tech large uncovered the new variant, which it has named Sysrv-K, is exploiting vulnerabilities in the Spring Framework and WordPress to deploy cryptocurrency miners on these units.

Microsoft defined that the botnet “scans the internet to uncover web servers with a variety of vulnerabilities to put in by itself.” These vulnerabilities variety from route traversal and distant file disclosure to arbitrary file download and distant code execution.

✔ Approved Seller From Our Partners
Mullvad VPN Discount

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).

➤ Get Mullvad VPN with 12% Discount


Sysrv-K targets a mixture of old vulnerabilities, these types of as people observed in WordPress plugins and more recent ones like CVE-2022-22947. All of these have patches, according to Microsoft.

Worryingly, this new variation appears to have various new attributes. These consist of scanning for WordPress configuration documents and their backups to retrieve databases qualifications, which it employs to acquire command of the webserver. In addition, “Sysvr-K has current interaction capabilities, including the means to use a Telegram bot.”

As with preceding variations, Sysrv-K scans for SSH keys, IP addresses and hostnames just before seeking to unfold copies of itself through the network. This “could put the relaxation of the network at risk of getting portion of the Sysrv-K botnet.”

Microsoft recommended businesses managing possibly Windows or Linux on internet-going through programs to choose motion to shield on their own from the new botnet, these as installing all available security updates. “We highly propose companies to secure internet-struggling with units, which includes timely software of security updates and creating credential cleanliness,” it tweeted.

Final week, Microsoft declared it had issued fixes for 3 zero-working day vulnerabilities in its regular patch Tuesday roundup. The tech huge also lately released a post outlining how the recent ransomware-as-a-support (RaaS) pandemic is staying fuelled by the resources and products and services presented by ‘gig’ staff.


Some components of this report are sourced from:
www.infosecurity-journal.com

Previous Post: «microsoft’s may patch tuesday updates cause windows ad authentication errors Microsoft’s May Patch Tuesday Updates Cause Windows AD Authentication Errors
Next Post: US Manufacturing Giant Parker Hit by Conti Ransomware Gang Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • CISA Unveils Ransomware Notification Initiative
  • WooCommerce Patches Critical Plugin Flaw Affecting Half a Million Sites
  • GitHub Updates Security Protocol For Operations Over SSH
  • Malicious Python Package Uses Unicode Trickery to Evade Detection and Steal Data
  • Some GitHub users must take action after RSA SSH host key exposed
  • THN Webinar: Inside the High Risk of 3rd-Party SaaS Apps
  • Pension Protection Fund confirms employee data exposed in GoAnywhere breach
  • GitHub Swiftly Replaces Exposed RSA SSH Key to Protect Git Operations
  • Now UK Parliament Bans TikTok from its Network and Devices
  • IRS Phishing Emails Used to Distribute Emotet

Copyright © TheCyberSecurity.News, All Rights Reserved.