FBI hacks into hundreds of infected US servers (and disinfects them) (Security News, April 2021)
As we explained in a recent Serious Security article on Naked Security, a crook who can upload a file into a Windows server directory where web data is stored doesn't merely get a chance to pollute your web server with fake content, as bad as that would be on its own.
Despite several weeks of urgent warnings, not least from Naked Security, there are still plenty of unpatched servers out there just waiting to get pwned.
The Feds went to court for a warrant that authorised them to "exploit" the webshells visible on unpatched servers.
The FBI conducted the removal by issuing a command through the webshell to the server, which was designed to cause the server to delete only the webshell.
Even if you consider yourself to be a "full cloud" organisation these days, you may still have legacy servers on your own network that you've forgotten about.
If you're infected, don't wait for someone else to run the webshell for you, because it's probably not going to be the FBI telling your server to disinfect itself.