Did You Know?



Reply
Community Leader
Jasper_The_Rasper
Posts: 1,047
Registered: ‎06-12-2013

New backdoor worm found attacking websites running Apache Tomcat

Tomdep-1.png

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Researchers have identified new self-replicating malware that infects computers running the Apache Tomcat Web server with a backdoor that can be used to attack other machines.

Java.Tomdep, as the backdoor worm has been dubbed, is Java Servlet-based code that gives Apache Tomcat platforms malicious capabilities. It causes infected machines to maintain Internet relay chat (IRC) communications with attacker servers located in Taiwan and Luxembourg. The control servers send commands and receive progress reports to and from the infected machines. Affected platforms include Linux, Mac OS X, Solaris, and most supported versions of Windows.

In a blog post published Wednesday, Takashi Katsuki, a researcher at security firm Symantec, said Java.Tomdep appears to be designed to harness the huge amounts of bandwidth and computing power available to Web servers for use in denial-of-service attacks against other machines. Unlike Darkleech and other malware targeting Web servers, there's no indication that it's used to attack end users visiting websites.

 

Full Topic

Community Leader

Please use plain text.
New Voice
rocxylemmon
Posts: 5
Registered: ‎11-22-2013

Re: New backdoor worm found attacking websites running Apache Tomcat

Thank you user for this information and I wish you had a daily subscription serve us that I could subscribe to you and get stuff in my e-mail on things like this with you.

Keep up the great work here at Web Root I enjoy your readings.
Please use plain text.