More than 600 servers worldwide have been subjected to recent attacks with the Androxgh0st malware, reports Hackread.

The U.S., India, and Taiwan accounted for the bulk of the impacted servers, which Androxgh0st operators compromised using web shells deployed through the exploitation of several security vulnerabilities, including CVE-2019-2725, CVE-2021-3129, and CVE-2024-1709, a report from Veriti Research revealed.

The development comes months after a joint Cybersecurity and Infrastructure Security Agency and FBI warning noted that Androxgh0st operators, who were initially known for the Adhublika ransomware, had been facilitating backdoor access and credential exfiltration through a new botnet. The malware operation has also leveraged numerous Laravel apps to enable the theft of Amazon Web Services, Twilio, and SendGrid accounts, according to the joint advisory, which also noted web shell deployment through Apache web server and PHP framework exploits.
Network Security, Malware, Breach and attack simulation

![cyber threat risk management , malware and virus prevention , security awareness](https://image-optimizer.cyberriskalliance.com/unsafe/1920x0/https://files.cyberriskalliance.com/wp-content/uploads/2023/11/1106_malware.jpg)
Androxgh0st malware ramps up global attacks
(Adobe Stock)