Numerous malware spread in ongoing Apache ActiveMQ flaw exploitation

30 November 2023

Threat actors have begun leveraging the critical Apache ActiveMQ vulnerability, tracked as CVE-2023-46604, to facilitate the distribution of the Golang-based GoTitan botnet and PrCtrl Rat, a .NET program, as well as the Sliver, Kinsing, and Ddostff malware strains, Hackread reports. Attacks exploiting CVE-2023-46604 to deploy the newly discovered GoTitan botnet involved the usage of the OpenWire protocol to create a connection with the vulnerable ActiveMQ server to eventually prompt the retrieval of a malicious XML file to execute the botnet, a report from Fortinet’s FortiGuard Labs revealed.

Source: SC Magazine

Date:

30 November 2023

Categorie(s):

NEWS

Tag(s):

Apache ActiveMQ, Apache Software Foundation, IT, Open Source, Open Source Software

Understanding Scattered Spider, and how they perform cloud-centric identity attacks2 May 2024
Dropbox Sign customer data accessed in breach2 May 2024
Florida man gets 6 years behind bars for flogging fake Cisco kit to US military2 May 2024
Patch up – 4 critical bugs in ArubaOS lead to remote code execution2 May 2024
Menlo Security inks cybersecurity partnership with Google Cloud2 May 2024