Backdoor worm owns Tomcat boxes

Logs in with weak credentials.

In brief: Symantec has uncovered a backdoor self-replicating worm that targets websites running Apache Tomcat.

The worm (Java.Tomdep) affected Mac OS X, Linux and Solaris boxes. A Java Servlet executed on Apache Tomcat opened an IRC link to attacker servers based in Taiwan and Luxembourg.

The worm attempted to log in with weak usernames and passwords when another Tomcat server was detected.

Symantec said: "Aside from standard commands such as download, upload, creating new process, SOCKS proxy, UDP flooding, and updating itself; compromised computers can also scan for other Tomcat servers and send the malware to them."

"It is thus possible that DDoS attacks from the compromised servers are the attacker’s purpose."

How Australian Businesses Can Overcome The Struggle to Move AI from Hype to Reality

Schneider Electric: Your One-Stop Shop for Comprehensive AI Solutions

A Hybrid IT Revolution paves the way for sustainability and innovation

Third of chip production could face copper supply disruptions by 2035

Top US diplomat impersonated with AI by unknown actor

Backdoor worm owns Tomcat boxes

Logs in with weak credentials.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

Most popular tech stories

Woolworths Group consolidates 30,000 marketing assets into Adobe platform

Optus' first AI chief Samantha Lawson exits

El Jannah backs Salesforce martech stack to support store expansion

NSW gov employers 'should not' use AI for hiring decisions

L'Oréal links consumer spend uplift to CDP rollout

PHOTOS: The M&A Session - Sydney

Ingram Micro hit by ransomware

Dell’s new platform wants to end HCI vendor lock-in

Announcing the 2025 Impact Awards Partner Leadership finalists

Macquarie Cloud Services to move CareSuper from VMware on AWS to Azure

Blackberry celebrates "giant step forward"

365mesh launches updated Aussie-made vibration sensor

Photos: The 2024 IoT Awards winners

Laing O'Rourke brings IoT to hard hats

NSW Government building business case for state-wide digital twin

How Australian Businesses Can Overcome The Struggle to Move AI from Hype to Reality

Schneider Electric: Your One-Stop Shop for Comprehensive AI Solutions

A Hybrid IT Revolution paves the way for sustainability and innovation

Third of chip production could face copper supply disruptions by 2035

Top US diplomat impersonated with AI by unknown actor

Backdoor worm owns Tomcat boxes

Logs in with weak credentials.

Partner Content

Sponsored Whitepapers

Events

Most Read Articles

Qantas facing 'significant' data theft after cyber attack

Home Affairs officer accessed data on "friends and associates"

Qantas contacted by "potential cyber criminal"

SA Power Networks tackles IAM, cloud security under five-year strategy

Most popular tech stories

Woolworths Group consolidates 30,000 marketing assets into Adobe platform

Optus' first AI chief Samantha Lawson exits

El Jannah backs Salesforce martech stack to support store expansion

NSW gov employers 'should not' use AI for hiring decisions

L'Oréal links consumer spend uplift to CDP rollout

PHOTOS: The M&A Session - Sydney

Ingram Micro hit by ransomware

Dell’s new platform wants to end HCI vendor lock-in

Announcing the 2025 Impact Awards Partner Leadership finalists

Macquarie Cloud Services to move CareSuper from VMware on AWS to Azure

Blackberry celebrates "giant step forward"

365mesh launches updated Aussie-made vibration sensor

Photos: The 2024 IoT Awards winners

Laing O'Rourke brings IoT to hard hats

NSW Government building business case for state-wide digital twin

Log In