Mirai Botnet Exploiting OMIGOD Azure Vulnerability

Published: 23/11/2024   Category: security




Microsoft patched four Open Management Infrastructure flaws earlier this week.



Attackers have begun to exploit critical Microsoft Azure vulnerabilities that were disclosed and patched earlier this week, security researchers report.
The OMIGOD flaws, discovered by the Wiz Research Team, exist in Open Management Infrastructure (OMI), a widely used but little-known software agent embedded in a range of popular Azure services. They include remote code execution flaw CVE-2021-38647 and privilege escalation vulnerabilities CVE-2021-38648, CVE-2021-38645, and CVE-2021-38649.
New data indicates attackers are scanning the Web for Azure Linux virtual machines that are vulnerable to CVE-2021-38647. The finding was first spotted by security researcher Germán Fernández on Thursday evening. Security firms Bad Packets and GreyNoise later confirmed the activity. And as Fernández pointed out, a Mirai botnet operator is among those scanning.
An unauthenticated, remote attacker could exploit CVE-2021-38647 by sending a specially crafted request to a vulnerable target over a publicly accessible remote management port (5986, 5985, and 1270). If successful, an attacker could become root on a remote machine.
As part of the ongoing Mirai activity, attackers drop a version of the Mirai DDoS botnet and then close port 5896 from the Internet to stop others from exploiting the same box, as security researcher Kevin Beaumont wrote on Twitter. He also reported one of his test boxes was targeted by attackers who deployed a cryptominer.
