Techly NewsGet the app

Get the latest tech news

DripDropper Linux malware cleans up after itself - how it works


This malware will still foul you up; it just doesn't want anyone messing with your servers while it's using you.

"It's unusual to see adversaries 'fix' the very systems they've compromised, but this strategy ensures their access stays exclusive and makes initial exploitation harder to trace," said the Red Canary team. Why anyone would be running an ActiveMQ instance that has such a serious bug -- the Apache Software Foundation gave it a maximum danger rating of 10 on the Common Vulnerability Scoring System (CVSS) scale -- is beyond me. To cement their grip, for their final move, attackers download legitimate ActiveMQ JAR files from Apache's Maven repository, overwriting the vulnerable originals.

Get the Android app

Or read this on ZDNet

Read more on:

Photo of DripDropper Linux

DripDropper Linux

« Silicon Valley’s AI deals are creating zombie startups: ‘You hollowed out the organization’
Helldivers 2 hits Xbox next week with a Halo-themed Warbond coming to PS5 and PC too »