Security News > 2024 > July > Hackers attack HFS servers to drop malware and Monero miners
Hackers are targeting older versions of the HTTP File Server from Rejetto to drop malware and cryptocurrency mining software.
The researchers say that during the attacks the hackers collect information about the system, install backdoors and various other types of malware.
In many cases, the attackers terminate the HFS process after they add a new user to the administrators' group, to prevent other threat actors from using it.
AhnLab researchers note that they keep detecting attacks on version 2.3m of HFS. Because the server needs to be exposed online for the file sharing to be possible, hackers will like continue looking for vulnerable versions to attack.
The company provides a set of indicators of compromise in the report, which include hashes for the malware installed on breached systems, IP addresses for attacker command and control servers, and the download URLs for the malware used in the attacks.
Microsoft fixes Windows zero-day exploited in QakBot malware attacks.
News URL
Related news
- Chinese FamousSparrow hackers deploy upgraded malware in attacks (source)
- New Linux Malware ‘Auto-Color’ Grants Hackers Full Remote Access to Compromised Systems (source)
- Bybit Hack Traced to Safe{Wallet} Supply Chain Attack Exploited by North Korean Hackers (source)
- Silver Fox APT Uses Winos 4.0 Malware in Cyber Attacks Against Taiwanese Organizations (source)
- Hackers Exploit Paragon Partition Manager Driver Vulnerability in Ransomware Attacks (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- Over 37,000 VMware ESXi servers vulnerable to ongoing attacks (source)
- New ‘Rules File Backdoor’ Attack Lets Hackers Inject Malicious Code via AI Code Editors (source)
- TechRepublic EXCLUSIVE: New Ransomware Attacks are Getting More Personal as Hackers ‘Apply Psychological Pressure” (source)
- ⚡ THN Weekly Recap: GitHub Supply Chain Attack, AI Malware, BYOVD Tactics, and More (source)