Chinese Hackers Develop Automated Tools to Exploit Apache Struts Vulnerabilities

Users are advised to update their installations to protect themselves against attacks

By on August 14th, 2013 20:46 GMT

A few days after Apache released a new version of the Struts application development framework to address a number of vulnerabilities, security researchers came across automated tools designed to exploit the security holes in question.

According to Trend Micro experts, the tools have been created by Chinese hackers and they target Struts vulnerabilities that can be exploited to run arbitrary commands on the impacted servers.

The hacking tools are capable of performing several tasks. They can be used to acquire information about the target, steal data, gain and maintain access to the targeted system, and even remove evidence of an attack.

The attacks observed by Trend Micro have been directed at Asian organizations.

Additional technical details regarding the attacks and the hacker tools are available on Trend Micro's blog.

If you haven’t updated your installation, download Apache Struts from Softpedia.

Comments

Hacking tool advertised by Chinese cybercriminals
   Hacking tool advertised by Chinese cybercriminals