Security News > 2020 > December > Recent Oracle WebLogic Vulnerability Exploited to Deliver DarkIRC Malware
Threat actors are targeting an Oracle WebLogic flaw patched last month in an attempt to install a piece of malware named DarkIRC on vulnerable systems.
The first attacks targeting it were observed roughly one week after and, in early November, Oracle issued an out-of-band update to address an easy bypass for the initial patch.
According to Juniper Threat Labs' security researchers, there are approximately 3,100 Oracle WebLogic servers that are accessible from the Internet.
The DarkIRC bot, the researchers say, is only one of the several payloads that adversaries are attempting to drop onto the vulnerable servers they discover.
"This vulnerability was fixed by Oracle in October and a subsequent out of cycle patch was also released in November to fix a hole in the previous patch. We recommend affected systems to patch immediately," Juniper Threat Labs notes.