Advanced Power" botnet attempts to
hack website using victim's machine
S ecurity researcher Brian Krebs has discovered a new Botnet that tests websites for vulnerabilities using the infected machines.
The malware disguise itself as a legitimate Firefox add on called "Microsoft .NET Framework Assistant" is apparently using the infected machines to find SQL Injection vulnerability in any website visited by the victim.
Once the malware determine the list of vulnerable website, the cyber criminals behind the botnet will be able to exploit the vulnerability to inject malicious codes in the websites. So, it will probably help the attacker to increase the number of infected websites and systems.
The malware also capable of stealing sensitive information. However, the feature is not appeared to be activated on infected systems.
The malware disguise itself as a legitimate Firefox add on called "Microsoft .NET Framework Assistant" is apparently using the infected machines to find SQL Injection vulnerability in any website visited by the victim.
Once the malware determine the list of vulnerable website, the cyber criminals behind the botnet will be able to exploit the vulnerability to inject malicious codes in the websites. So, it will probably help the attacker to increase the number of infected websites and systems.
Advanced Power test SQL Injection vulnerability |
The malware also capable of stealing sensitive information. However, the feature is not appeared to be activated on infected systems.
Alex Holden, chief information security officer at Hold Security LLC, analyzed the malware and believes the malware authors are from Czech Republic, based on the text string available in the threat.
No comments:
Post a Comment