Ransomware cyber

Aqua Security Nautilus

Sep 20, 2024 1 min read
Aqua Security Nautilus

Aqua Security Nautilus researchers uncovered the Hadooken malware, which primarily targets Oracle WebLogic servers. Hadooken has been implicated in multiple ransomware attacks and deploys cryptominers after compromising systems. The attackers gained initial access through weak passwords, achieving remote code execution, and utilized scripts for lateral movement within affected networks. Despite no active use of its Tsunami malware component observed, the presence of both the cryptominer and Tsunami indicates a significant threat. The attack has broader implications given that a substantial number of WebLogic servers are connected to the internet, and although many are protected, some exposed administration consoles are at risk.

Source: https://securityaffairs.com/168364/malware/hadooken-targets-oracle-weblogic-servers.html

"id": "aqu000092024",
"linkid": "aquasecteam",
"type": "Ransomware",
"date": "9/2024",
"severity": "100",
"impact": "5",
"explanation": "Attack threatening the organization’s existence"
Published by
Jeremy C
Jeremy C

Join the conversation

You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.