GeoServer flaw exploited in global malware campaigns

Intrusions leveraging the vulnerability have facilitated the distribution of not only the GOREVERSE reverse proxy server but also the Condi malware, the Mirai botnet variant Jenx, and four other cryptocurrency mining payloads, as well as the advanced SideWalk Linux backdoor linked to Chinese state-backed threat group APT41, a report from Fortinet FortiGuard Labs showed. Attackers’ primary targeting of South America, Europe, and Asia “suggests a sophisticated and far-reaching attack campaign, potentially exploiting vulnerabilities common to these diverse markets or targeting specific industries prevalent in these areas,”

Source: SC Magazine

 

