Type: Campaign
Actors:
Pub. date: June 4, 2024
Initial access: 1-day vulnerability
Impact: Resource hijacking, Denial of service
Observed techniques:
Observed tools:
Targeted technologies:
References:
Status: Finalized
Last edited: Jun 10, 2024 1:20 PM
Researchers uncovered a new campaign using Muhstik malware to target Apache RocketMQ, a distributed messaging platform, exploiting a remote code execution vulnerability (CVE-2023-33246). Attackers use this vulnerability to download and execute Muhstik malware on compromised instances, leading to activities such as cryptocurrency mining and Distributed Denial of Service (DDoS) attacks.