IcePeony Hackers Exploiting Public Web Servers To Inject Webshells

22 October 2024

IcePeony, a China-nexus APT group, has been active since 2023, targeting India, Mauritius, and Vietnam by exploiting SQL injection vulnerabilities to compromise systems using webshells and backdoors, leveraging a custom IIS malware called IceCache. The attackers accidentally exposed a server containing sensitive data, including a zsh_history file that revealed their detailed attack timeline and techniques.

Source: GBHackers

Date:

22 October 2024

Categorie(s):

NEWS

Tag(s):

Cyber Attack, Cyber Security News, Cyber Threats, Hacking, Malware

GHOSTPULSE Hides Within PNG File Pixel Structure To Evade Detections22 October 2024
New AI Tool To Discover 0-Days At Large Scale With A Click Of A Button22 October 2024
Two-thirds of leaders feel Gen AI will reshape entry-level jobs22 October 2024
Critical Chrome Vulnerabilities Let Malicious Apps Run Shell Command on Your PC22 October 2024
IcePeony Hackers Exploiting Public Web Servers To Inject Webshells22 October 2024