Muhstik Botnet Exploiting Apache RocketMQ Flaw to Expand DDoS Attacks

June 17, 2024

Muhstik botnet exploits a critical Apache RocketMQ flaw (CVE-2023-33246) for remote code execution, targeting Linux servers and IoT devices for DDoS attacks and cryptocurrency mining.
Infection involves executing a shell script from a remote IP, downloading the Muhstik malware binary (“pty3”), and ensuring persistence by copying to multiple directories and editing system files.

About The Author

See author's posts

Post Views: 18

Categories

Leave a Reply Cancel reply

Related Stories

Secret Blizzard Deploys Kazuar Backdoor in Ukraine Using Amadey Malware-as-a-Service

Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested

SaaS Budget Planning Guide for IT Professionals

AF themes

You may have missed

Secret Blizzard Deploys Kazuar Backdoor in Ukraine Using Amadey Malware-as-a-Service

Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested

WordPress Hunk Companion Plugin Flaw Exploited to Silently Install Vulnerable Plugins

SaaS Budget Planning Guide for IT Professionals

About AF themes

Recent Posts

Connect with Us

About The Author

Leave a Reply Cancel reply

Related Stories

Secret Blizzard Deploys Kazuar Backdoor in Ukraine Using Amadey Malware-as-a-Service

Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested

SaaS Budget Planning Guide for IT Professionals

You may have missed

Secret Blizzard Deploys Kazuar Backdoor in Ukraine Using Amadey Malware-as-a-Service

Europol Dismantles 27 DDoS Attack Platforms Across 15 Nations; Admins Arrested

WordPress Hunk Companion Plugin Flaw Exploited to Silently Install Vulnerable Plugins

SaaS Budget Planning Guide for IT Professionals