New Roboto botnet emerges targeting Linux servers running Webmin


A cybercrime group is enslaving Linux servers running vulnerable Webmin apps into a new botnet that security researchers are currently tracking under the name of Roboto.

The botnet’s appearance dates back to this summer and is linked to the disclosure of a major security flaw in a web app installed on more than 215,000 servers — which is the perfect cannon fodder to built a botnet on top.

Back in August, the team behind Webmin, a web-based remote management app for Linux systems, disclosed and patched a vulnerability that allowed attackers to run malicious code with root privileges and take over older Webmin versions.

Read more…
Source: ZDNet