Hackers exploit Apache ActiveMQ flaw to install DripDropper on Linux, then patch it to block rivals and hide their tracks. Red Canary researchers observed attackers exploit a 2-year-old Apache ActiveMQ vulnerability, tracked as CVE-2023-46604 (CVSS score of 10.0), to gain persistence on cloud Linux systems and deploy DripDropper malware. Uniquely, they patch the flaw post-exploit […]
First seen on securityaffairs.com
Jump to article: securityaffairs.com/181356/malware/hackers-deploy-dripdropper-via-apache-activemq-flaw-patch-systems-to-evade-detection.html
