Skip to main content

New Drupalgeddon Attacks Enlist Shellbot to Open Backdoors

posted onOctober 11, 2018
by l33tdawg
Flickr
Credit: Flickr

Researchers are warning of a new wave of cyberattacks targeting unpatched Drupal websites that are vulnerable to Drupalgeddon 2.0. What’s unique about this latest series of attacks is that adversaries are using PowerBot malware, an IRC-controlled bot also called PerlBot or Shellbot.

Researchers at IBM Security’s Managed Security Services reported the activity on Wednesday and said a successful attack can open a backdoor to a vulnerable Drupal websites, giving adversaries complete control over the site. Under the NIST Common Misuse Scoring System, the Drupalgeddon 2.0 vulnerability has been given a score of 24/25, or highly critical.

The Drupal security team has known about the vulnerability since at least March, reporting under CVE-2018-7600. Upgrading older versions of Drupal 7 to 7.58 and older versions of Drupal 8 to 8.5.1 will patch the Drupalgeddon bug. Drupal is estimated to be used on 2.3 percent of all websites and web apps worldwide.

Source

Tags

Security

You May Also Like

Recent News

Tuesday, November 19th

Friday, November 8th

Friday, November 1st

Tuesday, July 9th

Wednesday, July 3rd

Friday, June 28th

Thursday, June 27th

Thursday, June 13th

Wednesday, June 12th

Tuesday, June 11th