Linux Malware mulling to Spoil Black Friday – muunyayo

https://muunyayo.com/2021/11/22/linux-malware-mulling-to-spoil-black-friday/

TheCyberThrone

Researchers have discovered a new Linux backdoor on compromised ecommerce servers that intercepts and exfiltrates sensitive customer information, including credit card details.

The malicious agent, dubbed linux_avp, is written in Golang and was discovered by researchers at Sansec, who were approached by an affected merchant who couldn’t seem to get rid of malware from his store. Once deployed, it takes commands from a command-and-control (C2) server in China.

The discovery of the malware across ecommerce stores all around the world comes mere days before the Black Friday shopping extravaganza. The attackers first run automated tests to probe ecommerce websites for dozens of known vulnerabilities. As soon as one is found, they install a backdoor and upload the linux_avp server agent.

The linux_avp agent injects fake payment forms into the checkout pages displayed to customers of the compromised stores. Further analysis reveals that the fake payment form, written in PHP, is designed to steal and…
