Hackers target Docker, Hadoop, Redis, Confluence with new Golang malware (Security News, March 2024)

Hackers are targeting misconfigured servers running Apache Hadoop YARN, Docker, Confluence, or Redis with new Golang-based malware that automates the discovery and compromise of the hosts.
According to the researchers, the hackers deploy a set of four novel Golang payloads that are responsible for identifying and exploiting hosts running services for Hadoop YARN, Docker, Confluence, and Redis.
Another Golang payload discovered is called "Fkoths" and its task is to remove traces of the initial access by deleting Docker images from the Ubuntu or Alpine repositories.
While most of the payloads in the campaign are widely flagged as malicious by antivirus engines on the VirusTotal scanning platform, the four Golang binaries for discovering target services are virtually undetected.