Hackers organized a botnet from web servers

[Объединенное Детективное Бюро]

Using a PHP script, attackers managed to network about 300 web servers and use them for DDOS attacks. The hacker under the pseudonym Exeman formed the botnet not from ordinary computers, but from web servers, reports NetworkWorld. He used the botnet for a DDOS attack on a Dutch Internet service provider. The attacker was able to subjugate the server to himself using a PHP script of several dozen lines. About 300 servers entered the botnet. The attacker controlled the attack through a simple graphical interface that allows you to set the IP address and port of the victim and set the duration of the attack. The botnet was discovered by specialists from Imperva, an information security company. Imperva believes that the botnet from web servers has its advantages and disadvantages. On the one hand, antivirus software is usually not installed on servers. Compared to ordinary PCs, servers have higher performance, which allows them to be used with greater efficiency. On the other hand, to search for vulnerabilities in server protection, you need to use PHP code, and you can only manage the attack manually. Imperva Technical Director Amichai Shulman has expressed concern that the attacker will continue to build up the power of his botnet or lease it to other hackers. Shulman's words are conveyed by Security Park. The link is not valid

 

[Матушкин Андрей Николаевич]

Thank!