MY BRAND BOOK Chinese-linked Muhstik botnet targets Oracle WebLogic, Drupal

Chinese-linked Muhstik botnet targets Oracle WebLogic, Drupal

By MYBRANDBOOK

A security firm confirmed the Muhstik botnet, has been operating for at least two years, has recently started targeting vulnerabilities in the Oracle WebLogic application server and the Drupal content management system as a way to expand its cryptocurrency mining capabilities, according to the security firm.

Researchers earlier found that Muhstik targeted vulnerable IoT devices, such as routers, to grow its malicious network and perform other tasks, such as mining for cryptocurrency or launching distributed denial-of-service attacks.

The operators behind Muhstik are targeting vulnerabilities in web applications to increase the botnet's reach. This includes two vulnerabilities in Oracle WebLogic, which is used to help build and deploy enterprise Java EE applications.

Those flaws are tracked as CVE-2019-2725 and CVE-2017-10271One of the Oracle WebLogic vulnerabilities, CVE-2019-2725, was disclosed over a year ago, when researchers from Palo Alto Networks Unit 42 warned that it could be used to mine for cryptocurrency or deploy ransomware.

The Lacework researchers note that Muhstik continues to use the IRC protocol to communicate with its command-and-control server, which is fairly common for botnets.

Muhstik then attempts to download other malicious code within the infected device or web application. This includes the XMRig malware that is being increasingly used to mine for cryptocurrency, such as monero.

The botnet also attempts to download a scanning module that searches for other vulnerable applications or connected devices and then attempts to connect those to its malicious infrastructure, according to the report.

"Usually, Muhstik will be instructed to download an XMRig miner and a scanning module. The scanning module is used for growing the botnet through targeting other Linux servers and home routers," Chris Hall, a cloud security researcher at Lacework, notes in the report.

The researchers also found the Muhstik botnet leverages source code from the Mirai botnet. This includes a memory scraper, which can kill other malware within a device.

BREAKING NEWS

Cisco announces AI-native secure Wi-Fi 7 for future-ready employe...

Announcing a major leap in wireless technology, Cisco has launched its Wi...

The BSE benchmark Sensex tumbled over 800 points, leaving investo...

The BSE benchmark Sensex recently experienced a significant drop, tumblin...

North Korean GPS Interference Disrupts Air Traffic...

South Korea's military has publicly accused North Korea of disrupting GP...

US ordered TSMC to halt chip shipments to China...

TSMC has had regular discussions with the government on export control issu...

TECHNO TRENDS

Nazara and ONDC set to transform in-game monetization with ‘

Nazara Technologies has teamed up with the Open Network for Digital Comme...

Jio Platforms and NICSI to offer cloud services to government

In a collaborative initiative, the National Informatics Centre Services In...

BSNL awards ₹5,000 Cr Project to RVNL-Led Consortium

A syndicate led by Rail Vikas Nigam Limited (abbreviated as RVNL), along wi...

Pinterest tracks users without consent, alleges complaint

A recent complaint alleges that Pinterest, the popular image-sharing platf...

E-Magazine

TECHNOTAINMENT

Eloelo teams up with Elvish Yadav for India's biggest digital

Netflix adds 'Moments' feature for saving, sharing scenes from

Netflix has introduced a new “Moments” feature on its mobile app, whic

Jacqueline Fernandez come together with YouTuber Mr. Beast for

Jacqueline Fernandez has partnered with American YouTuber Mr. Beast to b

MOVERS & SHAKERS

Kamal Nath quits SIFY Technologies

Visa elevates Rishi Chhabra as new Country Manager for India

Rishi holds a Master’s in Industrial Engineering from The Ohio State Univ

Genesys welcomes Albert Nel as Senior VP and Regional Sales Le

Genesys continues to deepen its investment in the APAC region. Earlier this

OPEN YOUR EYES

CIO’s should have the understanding "Jugaad" to overcome technology challenges

Newer Technology Solutions To Ensure Business Continuity During COVID-19

Chinese Investments targets start-ups to scale up in India

The dangers of phishing are becoming Top Concern for the CEOs

Digital banking brings revolution during COVID-19

INTERVIEWS

AMD Pensando driving innovation in the DPU architecture space

Bolstering its commitment to help build a truly self-reliant B

CP PLUS is dedicated to spreading a sense of security to every corner of In

Acer addresses evolving customer needs by consistently pushing

Acer offers a comprehensive range of products under one roof, including des

HOT PICK

BOULT unveils AmpVault V10 & V20 powerbanks: Fast charging, sa

SonicWall Launches TZ80: A Powerful Solution for Remote Office

SonicWall announced today the launch of the TZ80, a groundbreaking securit

Gigabyte X3D Turbo: A Gaming Revolution

GIGABYTE X3D Turbo Mode is a cutting-edge feature that unifies cores distr

MAKE IN INDIA BRANDS

VEHERE INTERACTIVE PVT. LTD.

FIRE BOLTT

QUICK HEAL TECHNOLOGIES PVT. LTD.

BEETEL TELETECH LTD.

EMINENT CIO'S OF INDIA

AIM TO PUT IA SOLUTIONS WITH A WIDE “GENERAL INTELLIGENCE” SCOPE INTO PRACTICE

Our firm is fortunate to be led by distinguished i...

USING AI & BI OFFERINGS TO ADDRESS CLIENT NEEDS

In the fiscal year 2024-25, Assisto Technologies h...

AI TO IMPROVE INSIGHTS THROUGH AUGMENTED ANALYTICS, WHILE EDGE COMPUTING TO ALLOW REAL-TIME PROCESSING

For the fiscal year 2024-25, our organization has ...

ICONS OF INDIA

Icons Of India : Arundhati Bhattacharya

Arundhati Bhattacharya serves as the Chairperson and CEO of Salesforce...

Icons Of India : CP Gurnani

Former Managing Director and CEO of the well-known IT service company ...

ICONS OF INDIA : SRIDHAR VEMBU

Sridhar Vembu is the chief executive officer (CEO) of Zoho Corporation...

PARTNER SPEAKERS

Innovation and Adaptability help to stay relevant

Utilizing data analytics tools, companies can track various metrics such as we...

Redefining The Future Of Telecom and Networking Industry with Make in India Initiative

Syrotech Networks has seen a notable uptick in customer acceptance of digital ...

Gauging Brand Awareness with Data-Driven insights

Arrow PC Network utilizes data-driven insights extensively to gauge brand awar...

PSU

IOCL - Indian Oil Corporation Ltd.

IOCL is India’s largest oil refining and marketing company ...

RailTel Corporation of India Limited

RailTel is a leading telecommunications infrastructure provider in Ind...

IREDA - Indian Renewable Energy Development Agency Limited

IREDA is a specialized financial institution in India that facilitates...

VIDEOS

Top 25 Brands

Most Trusted Brands 2024 : Salesforce Inc.

Salesforce prioritizes customer success and satisfaction, focusing on building...

Most Trusted Brands 2024 : Cisco Systems Inc

Cisco positions itself as the company that connects people, devices, and data,...

Most Trusted Brands 2024 : AMD

Advanced Micro Devices (AMD) has been a key player in the semiconductor indust...

Global Indian industry

Indian Tech Talent Excelling The Tech World - Dheeraj Pandey, CEO, DevRev

Dheeraj Pandey, Co-founder and CEO at DevRev , has a remarkable journe...

Indian Tech Talent Excelling The Tech World - ARVIND KRISHNA, CEO – IBM

Arvind Krishna, an Indian-American business executive, serves as the C...

Indian Tech Talent Excelling The Tech World - ANJALI SUD, CEO – Tubi

Anjali Sud, the former CEO of Vimeo, now leads Tubi, Fox Corporation�...

STARNITE AWARDS 2024

ITFORUM 2024

CMO of the Year

WOMEN LEADERSHIP

IMAGE GALLERY

TRENDS IN TECHNOLOGY