Arbor Networks have recently published a report that claims to have discovered a large-scale password bruteforcing campaign, which has been in operation since April this year.
for the last few months, the campaign would have targeted websites running WordPress or Joomla blogging platforms, while a smaller number of attacks have been aimed at Datalife Engine, a Russian platform.
infected Windows computers are used to bruteforce areas by targeting the administration pages and guess usernames and passwords typical until they have access to accounts. PHP shell files that provide complete control over the webserver then disguised as add-ons to WordPress Joomla or Datalife Engine, and are downloaded to the system.
Arbor Networks succeeded in at least partly trace the hackers, thanks to the inclusion of hardcoded command and addresses of control in malware. The discovery of these places meant that Arbor Networks was able to discover the attacker logs in turn discover more unprecedented information on the extent of the campaign.
newspapers indicate that there are about 25,000 infected Windows computers and over 00 domains that have been compromised, most of which are located in Russia and Ukraine. Security website CSO also discovered that attempts against areas in different countries are increasingly, it seems that this campaign is becoming more and more complex - and thanks to the fact that the attackers modified the malware to stop recording logs that sites like CSOs can access it there is no way to check the latest statistics and details.
in the state, it seems that you will not be at risk for this botnet if you work for a company that uses the one of blogging platforms, but that does not mean that malware will not evolve to target private computers. So it is wise to change your password to something more complex, with lots of numbers and symbols in it, to minimize the risk.
While a VPN service would not be able to defend against an attack of this nature, it is another measure of protection wise you can take to protect your computer when browsing Internet allows you to encrypt your Internet traffic for improved security.
0 Komentar