Ransomware Attackers Quickly Weaponize PHP Vulnerability With 9.8 Severity Rating
A critical vulnerability in the PHP programming language (CVE-2024-4577) has been exploited by ransomware criminals, leading to the infection of up to 1,800 servers primarily in China with the TellYouThePass ransomware. This vulnerability, which affects PHP when run in CGI mode, allows attackers to ...
A Windows feature known as Best Fit, which converts characters in user-supplied input, lets attackers use a technique known as argument injection to pass malicious commands to the main PHP application. The vast majority of the infected servers have IP addresses geolocated to China, Taiwan, Hong Kong, or Japan, likely stemming from the fact that Chinese and Japanese locales are the only ones confirmed to be vulnerable, Censys researchers said in an email. Since then, the number of infected sites -- detected by observing the public-facing HTTP response serving an open directory listing showing the server's filesystem, along with the distinctive file-naming convention of the ransom note -- has fluctuated from a low of 670 on June 8 to a high of 1,800 on Monday.