Malware targets Java HTTP servers

A malware that strikes at Java HTTP servers and allowsattackers to gain control on underlying systems has been spotted by securityresearchers of anti-virus vendor Trend Micro Inc.

 “Using a password cracking tool, cybercriminals are ableto login and gain manager/administrative rights allowing the deployment of Webapplication archive (WAR) file packages with the backdoor to the server,”according to a post last Thursday on the Trend Labs. “…Once done, the backdoorcan now browse, upload, edit, delete, download or copy files from the infectedsystem.”

The malware, identified as BKDR-JAVAWAR.JG, comes if theform of a JavaServer Page (JSP) and can only target Java Servlet containerssuch as Apache Tomcat of a Java-based HTTP server, according to Trend Micro.

The malware uses a Web console like:

Related content

Expertswarn of Java exploit

DisableJava, security experts urge

To protect their servers from the threat, Trend Microadvises administrators to regularly implement security updates issued bysoftware vendors; refrain from visiting unknown websites and bookmark trustedsites. Users are also encouraged to use strong passwords.

Readthe whole story here


Related Download
EMC Data Protection For VMWare-Winning In The Real World Sponsor: EMC
EMC Data Protection For VMWare-Winning In The Real World
Download this white paper for a deep dive analysis based on truly real world comparison of EMC data protection vs. Veritas NetBackup for VMware backup and recovery.
Register Now