• Menu
  • Skip to main content
  • Skip to primary sidebar

The Cyber Security News

Latest Cyber Security News

Header Right

  • Latest News
  • Vulnerabilities
  • Cloud Services
Cyber Security News

Microsoft Identifies Botnet Variant Targeting Windows and Linux Systems

You are here: Home / General Cyber Security News / Microsoft Identifies Botnet Variant Targeting Windows and Linux Systems
May 16, 2022

Microsoft has warned it has identified a new variant of the Sysrv botnet, which deploys coin miners on both of those Windows and Linux methods.

In a thread posted on the Microsoft Security Intelligence (@MsftSecIntel) Twitter account, the tech large uncovered the new variant, which it has named Sysrv-K, is exploiting vulnerabilities in the Spring Framework and WordPress to deploy cryptocurrency miners on these units.

Microsoft defined that the botnet “scans the internet to uncover web servers with a variety of vulnerabilities to put in by itself.” These vulnerabilities variety from route traversal and distant file disclosure to arbitrary file download and distant code execution.

✔ Approved From Our Partners
AOMEI Backupper Lifetime

Protect and backup your data using AOMEI Backupper. AOMEI Backupper take secure and enxrypted backups from your Windows, hard drives or partitions. With AOMEI Backupper will never be worried about loosing your data anymore.

Get AOMEI Backupper with 72% discount from an authorized seller: SerialCart® (Limited Offer).

➤ Activate Your Coupon Code


Sysrv-K targets a mixture of old vulnerabilities, these types of as people observed in WordPress plugins and more recent ones like CVE-2022-22947. All of these have patches, according to Microsoft.

Worryingly, this new variation appears to have various new attributes. These consist of scanning for WordPress configuration documents and their backups to retrieve databases qualifications, which it employs to acquire command of the webserver. In addition, “Sysvr-K has current interaction capabilities, including the means to use a Telegram bot.”

As with preceding variations, Sysrv-K scans for SSH keys, IP addresses and hostnames just before seeking to unfold copies of itself through the network. This “could put the relaxation of the network at risk of getting portion of the Sysrv-K botnet.”

Microsoft recommended businesses managing possibly Windows or Linux on internet-going through programs to choose motion to shield on their own from the new botnet, these as installing all available security updates. “We highly propose companies to secure internet-struggling with units, which includes timely software of security updates and creating credential cleanliness,” it tweeted.

Final week, Microsoft declared it had issued fixes for 3 zero-working day vulnerabilities in its regular patch Tuesday roundup. The tech huge also lately released a post outlining how the recent ransomware-as-a-support (RaaS) pandemic is staying fuelled by the resources and products and services presented by ‘gig’ staff.


Some components of this report are sourced from:
www.infosecurity-journal.com

Previous Post: «microsoft’s may patch tuesday updates cause windows ad authentication errors Microsoft’s May Patch Tuesday Updates Cause Windows AD Authentication Errors
Next Post: US Manufacturing Giant Parker Hit by Conti Ransomware Gang Cyber Security News»

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Report This Article

Recent Posts

  • Ransomware Attacks Increasing at “Alarming” Rate
  • Senate Report: US Government Lacks Comprehensive Data on Ransomware
  • Popular PyPI Package ‘ctx’ and PHP Library ‘phpass’ Hijacked to Steal AWS Keys
  • Fronton IOT Botnet Packs Disinformation Punch
  • SIM-based Authentication Aims to Transform Device Binding Security to End Phishing
  • New Chaos Ransomware Builder Variant “Yashma” Discovered in the Wild
  • Open source packages with millions of installs hacked to harvest AWS credentials
  • DOE ‌‌‌‌‌‌‌‌‌‌‌‌‌‌‌funds‌ ‌development of Qunnect’s Quantum Repeater
  • Cabinet Office Reports 800 Missing Electronic Devices in Three Years
  • Malware Analysis: Trickbot

Copyright © TheCyberSecurity.News, All Rights Reserved.