
BleepingComputer reports that more than 4,000 live web backdoors abandoned by threat actors have been identified, taken over, and eventually dismantled following the registration of expired domains.
The discovered web shells included China Chopper (a fixture among advanced persistent threat operations), c99shell, and r57shell, as well as a backdoor that integrated Lazarus Group-like capabilities, according to a report from WatchTowr Labs. The backdoors were noted to have compromised several government organizations in China, Bangladesh, and Nigeria, as well as universities and higher education entities in China, South Korea, and Thailand. Ownership of all 40 domains used to identify the web shells has been passed on to The Shadowserver Foundation, which has since proceeded to sinkhole the backdoors' communication infrastructure, said WatchTowr Labs researchers. The findings were noted to indicate the potential renewed usage of expired domains in future cyberattacks.