Hadooken Malware Targets Weblogic Applications

NetmanageIT OpenCTI - opencti.netmanageit.com



SUMMARY:

Aqua Nautilus researchers identified Linux malware, named Hadooken, that targets Oracle WebLogic servers. After gaining initial access through an exploited weak password, Hadooken deploys a cryptominer and the Tsunami malware. The report details the attack flow and the techniques employed by the threat actors, including remote code execution, persistence mechanisms, and lateral movement. It also provides Indicators of Compromise (IOCs) and recommendations for detecting and mitigating such attacks.

OPENCTI LABELS:

backdoor, lateral movement, linux, cryptocurrency, mallox, tsunami, weblogic, hadooken

