New Drupalgeddon Attacks Enlist Shellbot to Open Backdoors

Drupalgeddon 2.0 vulnerability is being exploited again by attackers using a time-honored technique of Shellbot, or PerlBot.

Researchers are warning of a new wave of cyberattacks targeting unpatched Drupal websites that are vulnerable to Drupalgeddon 2.0. What’s unique about this latest series of attacks is that adversaries are using PowerBot malware, an IRC-controlled bot also called PerlBot or Shellbot.

Researchers at IBM Security’s Managed Security Services reported the activity on Wednesdayand said a successful attack can open a backdoor to a vulnerable Drupal websites, giving adversaries complete control over the site. Under the NIST Common Misuse Scoring System, the Drupalgeddon 2.0 vulnerability has been given a score of 24/25, or highly critical.

Read more…
Source: ThreatPost