Positive Technologies researchers discovered a very rare botnet. Zombie network of servers using Neutrino Trojan attack was being exploited by a hacker to other hackers. After the successful attack, hackers will use these servers to dig encryption currency.
Positive Technologies said that similar to other botnets, Neutrino botnet will search and infect specific applications and servers. Botnets use a variety of techniques, such as search undefended phpMyAdmin server and force access to the system root account. However, other botnets different, Neutrino botnets to focus on hijacking WebShell created by other malicious software. According to reports, Webshel l is a backdoor script that can be operated through a Web interface, used to attack servers.
Positive Technologies said that hackers use Neutrino has been searching various Webshel l. After finding the target, hackers will launch a violent attack to take over the server controlled by WebShell. According to reports, most hackers after infection of the target device will establish defensive measures to prevent other hackers. Thus, examples Neutrino Trojan botnet is rare.
According to the survey, Neutrino Trojan infection keen to run phpStudy Windows servers, but it is phpStudy domestic developers used. In addition, the application server running phpMyAdmin is also very vulnerable. Experts recommend that the server administrator should check the root account password from time to time, to update security patches to avoid such attacks.