Hadoop Yarn News Today : Breaking News, Live Updates & Top Stories | Vimarsana
Stay updated with breaking news from Hadoop yarn. Get real-time updates on events, politics, business, and more. Visit us for reliable news and exclusive interviews.
Top News In Hadoop Yarn Today - Breaking & Trending Today
Infection Chain The initial infection starts with the exploitation of remote code execution vulnerabilities in Hadoop Yarn, Elasticsearch (CVE-2015-1427) and ThinkPHP (CVE-2019-9082). The payload delivered causes the vulnerable machine to download and execute a malicious shell script. In older campaigns, the shell script itself handled the key functions of infection. The stand-alone script disabled security features, killed off competing infections, established persistence, and in some cases, continued infection attempts across networks found within the known host files, the report notes. But the newer instances of the shell script are written with fewer lines of code and use binary payloads for handling more system interactions, such as killing off competition, disabling security features, modifying SSH keys, downloading malware and starting the miners. ....
According to new research published by Akamai on Tuesday, the technique is being harnessed by operators of a long-running cryptocurrency mining botnet campaign, in which BTC blockchain transactions are being exploited to hide backup command-and-control (C2) server addresses. Botnets rely on C2 servers to receive commands from cyberattackers. Law enforcement and security teams are constantly finding and taking down these C2 servers in order to render campaigns defunct but if backups are in play, takedowns can be more difficult. Akamai says that botnet operators are able to hide backup C2 IP addresses via the blockchain, and this is described as a simple, yet effective, way to defeat takedown attempts. ....