Skip to main content

Chinese hackers target servers running Apache Struts apps

posted onAugust 15, 2013
by l33tdawg

Chinese hackers are using an automated tool to exploit known vulnerabilities in Apache Struts, in order to install backdoors on servers hosting applications developed with the framework.

Apache Struts is a popular open-source framework for developing Java-based Web applications that's maintained by the Apache Software Foundation.

Several security updates were released for Struts this year, including last month, to address highly critical vulnerabilities that could enable remote attackers to execute arbitrary commands on Web servers running applications built with the framework. Hackers have since taken notice and are now actively exploiting those flaws, according to researchers from security firm Trend Micro, who found a tool on Chinese underground forums that automates attacks against vulnerable Struts versions.

Source

Tags

Hackers Apache Security China

You May Also Like

Recent News

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th

Friday, June 7th

Thursday, June 6th