存在已知漏洞的HFS檔案伺服器遭到鎖定,攻擊者試圖植入惡意程式或將其用於挖礦
支付動態 · 2024-07-05

研究人員針對舊版檔案伺服器系統HTTP File Server(HFS)的資安漏洞CVE-2024-23692提出警告,在滲透測試框架Metasploit加入漏洞攻擊模組後,使用簡體中文的駭客就試圖用於攻擊行動

這些駭客最終於受害電腦部署挖礦軟體XMRig、木馬程式XenoRAT,以及用於掃描系統弱點的指令碼。但除了XenoRAT,對方也使用中國駭客常用的惡意程式,例如:Gh0stRAT、PlugX,此外研究人員也看到植入滲透測試工具Cobalt Strike、網路掃描工具Netcat的情況。

其中一種駭客使用的惡意程式「GoThief」,引起研究人員的關注。這個惡意軟體使用Go語言開發而成,其特點是濫用AWS儲存桶,以此存放從受害電腦偷來的資訊。

熱門文章
Vietnam’s Controlled Gaming Shift Gains Ground, But Domestic Demand Still Lags
Southeast Asia
British gambling levy rates confirmed for each vertical
Regulation
JILI Partners with Cricket Legend AB de Villiers (ABD) to Launch Exclusive Branded Game Series 100% 11
Sports Game
Super PAC Raises $48 Million: Sports Betting Forces Ramp Up Political Push
Regulation
Kazakhstan plans to penalise online casino promotions
Regulation
Manila delivers: Highlights from SiGMA Asia 2026 
Southeast Asia
Brazil Proposes Raising Gambling Tax Rate to 24%, With Revenue Allocated to Social Security and Healthcare
Regulation
UK MPs reopen 2025 gambling inquiry as reform stalls
Regulation
Global Game Connect (GGC) 2027 Officially Opens Sponsorship & Exhibition Opportunities in Sri Lanka!
HUIDU Focus
That’s a Wrap: AffPapa Conference Madrid 2026 Highlights
Online Game
Institutional Academy that exceeded expectations marked the opening of GAT CDMX
Online Game
PropellerAds Positions Itself as a Go-To Traffic Source for iGaming Advertisers Ahead of a High-Demand Season
Marketing
Full House at GAT Expo Cartagena 2026 Academic Agenda
Online Game
B2B Tech Infrastructure Gains Momentum in Philippine Gaming Sector
Southeast Asia
1spin4win grows its Latin American presence by partnering with Fortuna Juegos
Online Game
首頁
遊戲
合作
發現
我的