FBI hacks into hundreds of infected US servers (and disinfects them)
2021-04-14 18:38

As we explained in a recent Serious Security article on Naked Security, a crook who can upload a file into a Windows server directory where web data is stored doesn't merely get a chance to pollute your web server with fake content, as bad as that would be on its own.

Despite several weeks of urgent warnings, not least from Naked Security, there are still plenty of unpatched servers out there just waiting to get pwned.

The Feds went to court for a warrant that authorised them to "exploit" the webshells visible on unpatched servers.

The FBI conducted the removal by issuing a command through the webshell to the server, which was designed to cause the server to delete only the webshell.

Even if you consider yourself to be a "full cloud" organisation these days, you may still have legacy servers on your own network that you've forgotten about.

If you're infected, don't wait for someone else to run the webshell for you, because it's probably not going to be the FBI telling your server to disinfect itself.


News URL

https://nakedsecurity.sophos.com/2021/04/14/fbi-hacks-into-hundreds-of-infected-us-servers-and-disinfects-them/