Si Cyber Intel: StealthWorker Malware Uses Compromised Windows And Linux Computers To Deliver A Series Of Brute Force Attacks
Mar 2019


Researchers have discovered new malware dubbed ‘StealthWorker’ or ‘GoDub’. The malware drops a multi-platform brute force payload on compromised Linux and Windows machines, which then go on to brute force other computers, building up a malicious campaign of brute force attacks.

Researchers have identified that ‘StealthWorker’ has two main functions: the ‘_check_’ functions, which identify a service and verify that it is a suitable host, and the ‘_brut_’ function, which carries out the brute force attacks on the victim.

Researchers from FortiGuard Labs have linked StealthWorker to many compromised Magento-powered e-commerce websites, in which attackers embedded a skimmer to retrieve card details and target personal information.

FortiGuard also reported that the malware was able to exploit a number of vulnerabilities in cPanel Content Management Systems (CMS), Magento and phpMyAdmin to aid infiltration due to weak credentials, and found that if that failed, it would use the brute force function to gain access.

StealthWorker begins by scheduling its own execution, which ensures the malware persists even when the system is rebooted. Once firmly established on the system, StealthWorker connects to its C&C server to signal that it is ready to function as a worker, and reports back with the host’s information and credentials as ‘saveGood’.
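On the defending side, the brute force activity described above shows up in web server access logs as bursts of login submissions from one source. The following is an added example, not code from FortiGuard or Si: a sliding-window detector over combined-format access logs, where the login paths, the threshold, the window and the sample log lines are all assumptions chosen for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed default login paths for the services the article names; adjust per site.
LOGIN_PATHS = {
    "phpMyAdmin": re.compile(r"^/(phpmyadmin|pma)/index\.php", re.I),
    "Magento": re.compile(r"^/(index\.php/)?admin(/|$)", re.I),
    "cPanel": re.compile(r"^/login/?(\?|$)", re.I),
}
# Combined log format: ip - - [time] "METHOD path proto" status size ...
LINE = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+) [^"]*" \d{3} ')
TS_FMT = "%d/%b/%Y:%H:%M:%S %z"

def detect_bruteforce(lines, threshold=5, window=timedelta(seconds=60)):
    """Return {(ip, service): peak count} for every source that sent at least
    `threshold` login POSTs to one service inside a sliding `window`.
    Assumes the lines are in chronological order, as in a normal access log."""
    recent = defaultdict(deque)   # (ip, service) -> timestamps inside the window
    alerts = {}
    for line in lines:
        m = LINE.match(line)
        if not m:
            continue              # malformed or non-HTTP line
        ip, ts, method, path = m.groups()
        if method != "POST":
            continue              # login attempts are form submissions
        service = next((s for s, rx in LOGIN_PATHS.items() if rx.match(path)), None)
        if service is None:
            continue
        when = datetime.strptime(ts, TS_FMT)
        q = recent[(ip, service)]
        q.append(when)
        while when - q[0] > window:
            q.popleft()           # drop attempts older than the window
        if len(q) >= threshold:
            alerts[(ip, service)] = max(alerts.get((ip, service), 0), len(q))
    return alerts

def sample_log():
    """Constructed log lines (documentation IP ranges), not real traffic."""
    base = datetime(2019, 3, 1, 10, 0, 0)
    row = '{} - - [{:%d/%b/%Y:%H:%M:%S} +0000] "POST {} HTTP/1.1" 200 512 "-" "-"'
    burst = [row.format("203.0.113.10", base + timedelta(seconds=5 * i),
                        "/phpmyadmin/index.php") for i in range(8)]
    slow = [row.format("198.51.100.7", base + timedelta(minutes=10 * i),
                       "/admin/") for i in range(3)]
    return burst + slow + ["garbage line"]
```

Calling `detect_bruteforce(sample_log())` flags only the constructed burst source; the three widely spaced Magento logins stay below the threshold.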

For information about how you can protect your organisation, please contact sales@siconsult.com

 
