What happens when your vulnerability is weaponized for botnet proliferation

📰

What happens when your vulnerability is weaponized for botnet proliferation

Akamai·Larry Cashdollar·about 1 month ago

#file #upload #jquery #botnet #plugins #photo

Reading 0:00

15s threshold

An examination of exploits used by the KashmirBlack botnet \r\n Not too long ago, I read a couple of excellent articles by Sarit Yerushalmi and Ofir Shaty on their research of the KhasmirBlack botnet , which are published&nbsp; here &nbsp;and&nbsp; here . \r\n Their articles described the KashmirBlack botnet infecting sites via various exploitable WordPress plugins. One of the things I noticed is that the botnet used some of my own vulnerability disclosures, so I decided to investigate how the botnet was using these vulnerabilities to propagate itself. \r\n This post will focus on the weaponization of a few of the exploits only, as Sarit and Ofir documented everything else. I'll examine two of the exploits I disclosed a few years ago, as well, to satisfy my own morbid curiosity.…

Continue reading — create a free account

Join HashtagPLUS to read full articles, follow hashtags, vote, and join the conversation.

Create free account Log in

Menu

What happens when your vulnerability is weaponized for botnet proliferation