Backdoor worm owns Tomcat boxes

Logs in with weak credentials.

In brief: Symantec has uncovered a backdoor self-replicating worm that targets websites running Apache Tomcat.

The worm (Java.Tomdep) affected Mac OS X, Linux and Solaris boxes. A Java Servlet executed on Apache Tomcat opened an IRC link to attacker servers based in Taiwan and Luxembourg.

The worm attempted to log in with weak usernames and passwords when another Tomcat server was detected.

Symantec said: "Aside from standard commands such as download, upload, creating new process, SOCKS proxy, UDP flooding, and updating itself; compromised computers can also scan for other Tomcat servers and send the malware to them."

"It is thus possible that DDoS attacks from the compromised servers are the attacker’s purpose."

Trump's AI hiring campaign draws interest from 25,000 hopefuls

Waymo to update software after power outage snarls robotaxis

Telstra used ConnectID impermissibly for months

NSW Housing Development Authority largely cleared on shadow AI use

Goodman Group strikes $14bn data centre deal

Backdoor worm owns Tomcat boxes

Logs in with weak credentials.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Telstra used ConnectID impermissibly for months

University of Sydney "online IT code library" breached

NSW Health clinicians "normalise" bypass of cyber security controls

UK government was hacked in October, minister confirms

Most popular tech stories

Zara turns to AI to generate fashion imagery

State of HR Tech 2025

Cochlear pilots voice-to-text Salesforce integration for lead management

Audit Office of NSW and Data61 explore AI for gov auditing

State of HR Tech

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

Photos: Australian industry explores data for net zero

Photos: The 2024 IoT Awards winners

Govt launches consumer tech label program for smart devices

'Touch-free' smartphone controlled with head movements

Trump's AI hiring campaign draws interest from 25,000 hopefuls

Waymo to update software after power outage snarls robotaxis

Telstra used ConnectID impermissibly for months

NSW Housing Development Authority largely cleared on shadow AI use

Goodman Group strikes $14bn data centre deal

Backdoor worm owns Tomcat boxes

Logs in with weak credentials.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Telstra used ConnectID impermissibly for months

University of Sydney "online IT code library" breached

NSW Health clinicians "normalise" bypass of cyber security controls

UK government was hacked in October, minister confirms

Most popular tech stories

Zara turns to AI to generate fashion imagery

State of HR Tech 2025

Cochlear pilots voice-to-text Salesforce integration for lead management

Audit Office of NSW and Data61 explore AI for gov auditing

State of HR Tech

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

Photos: Australian industry explores data for net zero

Photos: The 2024 IoT Awards winners

Govt launches consumer tech label program for smart devices

'Touch-free' smartphone controlled with head movements

Log In