Ransomware attackers quickly weaponize PHP vulnerability with 9.8 severity rating | TellYouThePass group opportunistically infects servers that have yet to update


A feature built into Windows known as Best Fit allows attackers to use a technique known as argument injection to convert user-supplied input into characters that pass malicious commands to the main PHP application. The vast majority of the infected servers have IP addresses geolocated to China, Taiwan, Hong Kong, or Japan, likely stemming from the fact that Chinese and Japanese locales are the only ones confirmed to be vulnerable, Censys researchers said in an email. Since then, the number of infected sites—detected by observing the public-facing HTTP response serving an open directory listing showing the server’s filesystem, along with the distinctive file-naming convention of the ransom note—has fluctuated from a low of 670 on June 8 to a high of 1,800 on Monday.
