"New 'Hadooken' Linux Malware Targets WebLogic Servers"

Aqua Security's Nautilus research team warns that "Hadooken" Linux malware has been targeting Oracle WebLogic servers to launch additional malware and steal credentials for lateral movement. The malware is used in attacks that exploit weak passwords for initial access. After compromising a WebLogic server, the attackers downloaded shell and Python scripts to fetch and run the malware. This article continues to discuss findings regarding the Hadooken malware targeting Oracle WebLogic applications and its link to multiple ransomware families.

SecurityWeek reports "New 'Hadooken' Linux Malware Targets WebLogic Servers"

Submitted by grigby1