Backdoor worm owns Tomcat boxes

Logs in with weak credentials.

In brief: Symantec has uncovered a backdoor self-replicating worm that targets websites running Apache Tomcat.

The worm (Java.Tomdep) affected Mac OS X, Linux and Solaris boxes. A Java Servlet executed on Apache Tomcat opened an IRC link to attacker servers based in Taiwan and Luxembourg.

The worm attempted to log in with weak usernames and passwords when another Tomcat server was detected.

Symantec said: "Aside from standard commands such as download, upload, creating new process, SOCKS proxy, UDP flooding, and updating itself; compromised computers can also scan for other Tomcat servers and send the malware to them."

"It is thus possible that DDoS attacks from the compromised servers are the attacker’s purpose."

M365 portal buckling as demand for Copilot refunds soar

DVA trials ChatGPT-based tool with 300 staff

Microsoft launches 'superintelligence' team

In pictures: The 2025 iTnews Benchmark Security Awards winners

NAB hits milestone with tech role insourcing

Backdoor worm owns Tomcat boxes

Logs in with weak credentials.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

The BoM has finally tamed SSL

Australian chief at US defence contractor L3Harris sold exploits to Russia

Scores of Australian Cisco devices remain BADCANDY infected

Tasmanian gov agencies impacted by cyber attack

Most popular tech stories

ABC drops Salesforce for Braze

Westpac Intelligence Layer breaks cover

Suncorp creates a "clear execution roadmap" for agentic AI

Qantas' digital and customer head steps down

Uniting uses GenAI to cut admin burden for frontline care workers

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

Photos: Australian industry explores data for net zero

Telstra Purple acquires IoT specialists Alliance Automation, Aqura Technologies

'Touch-free' smartphone controlled with head movements

We look back at moments in IoT that were important in Australia

M365 portal buckling as demand for Copilot refunds soar

DVA trials ChatGPT-based tool with 300 staff

Microsoft launches 'superintelligence' team

In pictures: The 2025 iTnews Benchmark Security Awards winners

NAB hits milestone with tech role insourcing

Backdoor worm owns Tomcat boxes

Logs in with weak credentials.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

The BoM has finally tamed SSL

Australian chief at US defence contractor L3Harris sold exploits to Russia

Scores of Australian Cisco devices remain BADCANDY infected

Tasmanian gov agencies impacted by cyber attack

Most popular tech stories

ABC drops Salesforce for Braze

Westpac Intelligence Layer breaks cover

Suncorp creates a "clear execution roadmap" for agentic AI

Qantas' digital and customer head steps down

Uniting uses GenAI to cut admin burden for frontline care workers

HamiltonJet partners with digital services provider Fortude

SentinelOne signs distribution agreement with Sektor

Rapid7’s new SIEM combines exposure management with threat detection

The techpartner.news podcast, episode 3: Why security consultancy founder Kat McCrabb started with the hard stuff

Bluechip Infotech enters final stage of Goodson Imports acquisition

Blackberry celebrates "giant step forward"

Photos: Australian industry explores data for net zero

Telstra Purple acquires IoT specialists Alliance Automation, Aqura Technologies

'Touch-free' smartphone controlled with head movements

We look back at moments in IoT that were important in Australia

Log In