Kinsing malware exploits Apache ActiveMQ RCE to plant rootkits

The Kinsing malware operator is actively exploiting CVE-2023-46604, a critical vulnerability in the open-source Apache ActiveMQ message broker, to compromise Linux systems.

The vulnerability, which was patched in late October, permits remote code execution. According to Apache’s disclosure, it can be exploited through serialized class types in the OpenWire protocol to execute arbitrary shell commands.

After the patch was released, researchers found that thousands of servers were still vulnerable to attack, and ransomware groups such as HelloKitty and TellYouThePass began exploiting the flaw.

According to a TrendMicro report published today, Kinsing has joined the group of threat actors
