Comment on Thousands of Linux systems infected by stealthy malware since 2021
Buffalox@lemmy.world 4 months agomaybe the number of files it scans looking for misconfigurations
So how did it get into the system to be able to scan configuration files?
nyan@lemmy.cafe 4 months ago
Separate remote code execution vulnerability in unupdated versions of RocketMQ, a Chinese-developed messaging/streaming server, in the case of the infection described in the article. It’s possible that there are a few other RCE vulns it can make use of, but 20000 of them seems unlikely.