New JBOSS Worm Infecting Unpatched Servers 47
Posted
by
timothy
from the malware-spreadeth dept.
from the malware-spreadeth dept.
Trailrunner7 writes "There is a new worm circulating right now that is compromising servers running older versions of the JBoss Application Server and then adding them to a botnet. The worm also attempts to install a remote access tool in order to give the attacker control over the newly infected server. The worm has been circulating for a couple of days at least, and it's not clear right now how many servers have been compromised or what the origins of it are. It apparently exploits an old vulnerability in the JBoss Application Server, which was patched in April 2010, in order to compromise new machines. Once that's accomplished, the worm begins a post-infection routine that includes a number of different steps."
JBoss (Score:4, Funny)
New UNNECESSARY CAPITALIZATION Worm Infecting Unpatched Headlines