Blog
Share This Post
[ad_1]
Threat actors have been peddling the cloud-based attack tool Araneida, which is based on a pirated version of the web app vulnerability scanner Acunetix, to facilitate reconnaissance attacks, as well as data exfiltration and vulnerability discovery activities, KrebsOnSecurity reports.
More than 30,000 websites were purported to have already been compromised using Araneida, which has been leveraging countless proxies to conceal their users’ locations, according to a Silent Push analysis. “They are constantly bragging with their community about the crimes that are being committed, how it’s making criminals money. They are also selling bulk data and dumps which appear to have been acquired with this tool or due to vulnerabilities found with the tool,” said Silent Push senior threat researcher Zach Edwards. Further examination by KrebsOnSecurity has linked Araneida to a Turkish developer. Meanwhile, exploitation of Acunetix in such intrusions has been acknowledged by its vendor Invicti Security. “We have been playing cat and mouse for a while with these guys,” said Invicti Chief Information Security Officer Matt Sciberras.
Get essential knowledge and practical strategies to fortify your cloud security.
[ad_2]
Source link
Subscribe To Our Newsletter
Get updates and learn from the best
More To Explore
US Charges Five People Over North Korean IT Worker Scheme
[ad_1] The US has announced charges against five individuals involved in a fake IT workers scheme to funnel funds to
In Other News: VPN Supply Chain Attack, PayPal $2M Settlement, RAT Builder Hacks Script Kiddies
[ad_1] Noteworthy stories that might have slipped under the radar: Korean VPN supply chain attack, PayPal settles with New York
